Security News > 2021 > June > NSA shares guidance on securing voice, video communications
The National Security Agency has shared mitigations and best practices that systems administrators should follow when securing Unified Communications and Voice and Video over IP call-processing systems.
Since these communication systems are tightly integrated with other IT equipment within enterprise networks, they also inadvertently increase the attack surface by introducing new vulnerabilities and the potential for covert access to an organization's communications.
Segment enterprise network using Virtual Local Area Networks to separate voice and video traffic from data traffic.
"Taking advantage of the benefits of a UC/VVoIP system, such as cost savings in operations or advanced call processing, comes with the potential for additional risk," the NSA concluded.
"A UC/VVoIP system introduces new potential security vulnerabilities. Understand the types of vulnerabilities and mitigations to better secure your UC/VVoIP deployment."
Much more extensive security best practices and mitigations on how to prepare networks, establish network perimeters, use enterprise session controllers, and add endpoints when deploying UC/VVoIP systems are available in the Cybersecurity Information Sheet released today by the NSA. In January, the NSA also shared guidance on how to detect and replace outdated Transport Layer Security protocol versions with up-to-date and secure variants.