cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
449
Views
5
Helpful
5
Replies

Unity .wav files security

carijit
Level 1
Level 1

Is there any way we can secure the voicemails that are being stored as .wav files.

There is a privacy issue when evaluating Unity as our Voice Mail system as the voice mails are stored as wav files and anyone who have acccess to these wav file can eventually get the voicemails.

Are there anyway to encrypt these file.

Any help on this is appreciated.

Thanks.

5 Replies 5

travis-dennis_2
Level 7
Level 7

I am sorry that I can't help you with what you want but I just wanted to put my 2 cents in. I understand that security is a concern but I just wanted to point out that standard PBX and VM systems are notoriously easy to hack. In my humble opinion putting VM in a user’s inbox by means of an Exchange integration is much more secure than what a standard PBX and VM system could offer. If your network admins are doing their job it is going to be a heck of a lot hard for someone to hack and inbox or the Exchange server that would be a standard PBX and VM system. The Unity Gurus will chime in shortly I am sure to give you an answer on your original question but I just wanted to chime in and set up a level playing field.

Just my 2 cents for the day. Hope this helps

and...I just pulled out my handy dandy "Cisco Unity Deployment and Solutions Guide". Awesome material by the way. It does not seem that encryption is possible but what I found intersting is that you can mandate the use of two-factor authentication to gain access remotely to the messages. Apparently Unity can be tied in with SecureID from RSA and anyone calling externally to gain access to the messages would have to enter not only their subscriber ID but the SecurID from a key fob or card as well. Pretty darn secure if you ask me.

if you are still concerend with over the network access you have bnigger problems than Unity can address. Your network is not secure if that is the case. You will never be able to keep out the best of the best hackers but your average script-kiddie or on-staff developers (why do they seem to almost always hack on the side?:) )should never be able to access someone elses inbox.

Yo Jeff...how was that?

Thanks for the response.

We all know ways to secure access to Unity through RSA,certificates and other stuff.But our real concern is to restrict even Exchange Admin to hear the wav files which doesnt belong to them.

Legacy VMs dont allow any administrator to hear VMs that doent belong to them I guess.

We all know ways to secure access to Unity through RSA,certificates and other stuff.But our real concern is to restrict even Exchange Admin to hear the wav files which doesnt belong to them.

By default, Exchange permissions are explicitly configured to disallow Administrator users access to user mailboxes. You can set NT/2000 auditing to catch changes to these permissions. If your Exchange admins are breaking into user mailboxes after explicitly overriding those permissions, well, that's more of a human resources issue than a technical issue if you know what I mean. They are abusing the trust placed in their position.

Legacy VMs dont allow any administrator to hear VMs that doent belong to them I guess.

Legacy VM admins can change user PINs and listen to the voicemails that way. If they want to cover their tracks, they can "accidentally" lock-out the box when they're done and the user will call into the helpdesk to have their mailbox reset, none the wiser.

For that matter, how do you think those voicemails are stored? Pop that box open and you'll often see a regular hard drive. I'll grant you that access isn't as convenient as it is with Exchange, but it can be done.

To summarize, your question is a legitimate one. It is somewhat easier for privileged Exchange admins to gain access to voicemail than for legacy VM admins to get access to legacy voicemail boxes, especially untraced. I am reliably informed that encrypted voicemail is Coming Soon to a Unity Near You, but I don't know when or with what version.

Thanks for the responses Jason/Dennis. I appreciate your time and help.