From VoIP to Unified Communications and WebRTC
If you’re using devices that run TLS 1.0 or 1.1, it’s imperative you change them.
With hacking techniques constantly growing more effective, it’s crucial that your UCC security is constantly updated to keep up. This also applies when it comes to one of the most long standing systems protecting communication networks: TLS.
Short for “Transport Layer Security,” TLS is a security protocol that keeps communications unreadable to eavesdroppers — but only if it’s a version that’s up to date. This is crucial to note because, due to improved code-cracking from hackers, the oldest versions of TLS, 1.0 and 1.1, are now vulnerable to attacks.
Unfortunately, this means that any devices that still use TLS 1.0 or 1.1 jeopardize the security of your entire network. Because many devices using these versions cannot be upgraded, you should immediately replace any hardware using TLS 1.0 or 1.1 with models that use a more reliable version, TLS 1.2.
You can find Wildix devices that are end-of-life due to TLS issues here.
To explain why it’s so crucial to upgrade any hardware running TLS 1.0/1.1, let’s discuss the topic in more detail.
TLS is a security procedure used between two parties — a client and a server — when exchanging information over the internet.
This procedure begins with the client and the server identifying themselves, then agreeing on both a private and shared code to use in a process known as a “handshake.” After this, the connection is secure because both the client and the server are communicating through advanced cryptographic techniques, meaning only they can understand it.
In short, TLS encodes online data in such a way that even if a hacker broke into your network to listen in, they can neither understand nor decode your information.
An inherent weakness in TLS is that the security it offers boils down to secure ciphers. By design, TLS is only secure so long as its codes cannot be cracked by an outsider.
Unfortunately, this is exactly the issue with TLS 1.0 and 1.1: the ciphers these protocols create can be decoded by an outside party.
The problem here comes down to the methods of encryption that TLS 1.0 and 1.1 use, in particular a means of encoding (called a “hashing algorithm”) known as SHA-1. By now, the codes that SHA-1 generates can be cracked with fairly rudimentary tools, meaning hackers can potentially listen in on conversations encrypted with TLS 1.0 or 1.1.
This kind of flaw in cryptography is what TLS 1.2 was designed to fix. Rather than use SHA-1, TLS 1.2 uses the updated hashing algorithm SHA-256, which is still complex enough and secure enough to remain uncracked.
As far as security goes, the difference is black and white: TLS 1.2 uses encryption that can’t be broken, while TLS 1.0 and 1.1 will always be at risk of exposure. As a result, Google Chrome and other major browsers suspended their support for TLS 1.0/1.1 in early 2020, meaning accessing them through outdated TLS devices may cause compatibility issues.
There are two worst-case scenarios of leaving TLS 1.0/1.1 UCC devices on your network.
First, hackers or other intruders will have an easier time intruding on any communications you send over the internet. Practically speaking, this means attackers can intercept and decrypt phone calls, videoconferences or text messages, or pose as a genuine user on your network and receive communications from you directly.
Obviously, either scenario can easily result in confidential information — including corporate intel, passwords or even financial details — being leaked. Furthermore, if either happens, you won’t even know your messages are being intercepted, as if TLS is decrypted it can’t safeguard your system any further.
Second, using TLS 1.0/1.1, entities from outside your organization can register themselves on your UCC devices by obtaining a device’s credentials. The fallout of this security breach can be immediate. Once on your network, hackers can use your devices to place phone calls, which in a worst-case scenario can rack up thousands of dollars in international dialing expenses after only a few days.
Again, it cannot be overemphasized that both these outcomes are entirely possible so long as TLS 1.0/1.1 devices remain on your network. The only way to safeguard yourself from financial loss and identity exposure in this manner is to make the switch to TLS 1.2.
For added security on your network, consider making use of Wildix, the only platform on the market that’s 100% secure by design for safe communications without external SBCs or VPNs. Read the full details on how Wildix achieves that security in our security white paper.
To get more tips over digital security, subscribe to receive our magazine for free!
In the recent weeks and months, due to the COVID-19 outbreak, many companies around the world have been struggling to provide their employees with tools that can enable them to work from home while maintaining the same level of productivity and availability.
This is especially true for those companies who never had the practice of remote working in place before the outbreak. Just a few months ago, smart working was simply “nice to have”, and was used only by a small percentage of companies. Today, it is no longer optional; it has become a must-have capability for every business as a means of survival.
In this blog post we will analyze, from a technical perspective, whether it is possible to quickly and seamlessly activate smart working in a small to medium scale company and how much time it will take.
Many companies are struggling to increase workplace productivity and maintain employee loyalty and job satisfaction of their office workers.
The fact is that today people tend to spend less and less time at their assigned workstations. This trend is increasing with more Millenials and Gen Z employees entering the workforce. These generations crave autonomy, mobility and flexibility in their working arrangements.
To meet these expectations, many companies design their offices to provide more freedom and mobility to their employees, and embrace the newest technologies that offer:
Any company interested in growing is striving to win new customers and retain their existing ones. Your customers, in fact, have the same need. Let’s see how you can help them.
Would you agree that winning new customers and retaining the existing ones, for the most part, depends on the performance of the customer service department?
In this article we will see in detail some typical challenges that call agents face each day, that prevent the company from achieving its business goals, and how you can help them overcome these problems.
✔ Flexibility in managing agent opt-in/ opt-out option
In a critical situation, when there is a high load of incoming calls, call agents have no easy way of adding themselves to a call queue. They either have to depend on a system administrator to do it for them or to remember complicated procedures to do it via a dedicated Feature Code.
Let’s keep in mind that the primary tool used by contact center agents has always been, and still remains, the desk phone. What about a simple button that allows a call agent to opt-in/ opt-out of getting calls from the selected call queue directly from the desk phone?
Continue reading “Six common customer service problems that are killing the business growth”