In practice, it is rare that only one UC suite is used exclusively, even after an organization has standardized on a single platform like Lync. The enterprise architecture will more likely include a combination of authorized applications, such as a specific public IM and Skype, which will remain in use no matter what UC platform is deployed. In addition, collaboration with partners, contractors and customers will require the inclusion of other enterprise UC platforms.
This is further complicated by the users themselves downloading a myriad of unauthorized real-time communications tools and Web 2.0 applications, such as Windows Live, Gmail, Facebook, and the more business-oriented LinkedIn. Regardless of company policy, because of their pervasive nature and employees’ reluctance to do without, these applications are often found in extensive use across most organizations.
Traditional security measures are no match for today’s modern communications tools. Many legitimate applications use evasive techniques, such as port hopping, protocol tunneling, and encryption. In addition, some use Peer-to-Peer connections. Skype, for instance, uses a peer-to-peer connection and is encrypted end-to-end, often even tunneling through HTTP /port 80, if that is the only port/protocol that it finds open on the firewall, negating the use of an URL filtering solution to control it.
Aside from the obvious hazard of malware using this unauthorized channel to subversively enter the network, deploying Lync without the means to enforce other communications channels from being used adds the danger that organizations are not monitoring everything that leaves the network. Compounding matters is the lack management tools to consistently enforce disclaimers, manage content filtering and provide granular controls over all Internet communications, and it is clear that unleashing the full potential of unified communications and collaboration requires specialized technology to meet the security, management and compliance issues arising from a UC deployment.
Actiance’s award-winning platform, Vantage, extends and augments Lync’s native functionality for security and compliance without impacting the scalability or the performance of a Lync deployment. Actiance’s extensive functionality enables enterprises to embrace internal and external collaboration, with the ability to block or control potentially unauthorized applications, such as Skype, Google Talk, and other real-time communications tools.
This white paper focuses on the security issues that surface when deploying a UC platform such as Lync and explains how Actiance addresses these issues.