by George Demou
Data is the new intangible commodity for companies in our world today. Protecting that data whether it is at rest or in motion is as important as locking your front door. For the longest time protecting that data was entrusted to using (S)ecure (H)ash (A)lgorithm or SHA for short. Variations of SHA are often used by TLS certificate authorities to sign certificates. This algorithm help ensures that your data is not modified or tampered with.
Unfortunately, hackers are at constantly probing algorithms and encryptions for weaknesses that can be exploited. Recently it has become known that potential security weaknesses exist in SHA-1. A hash attack, known as a collision attach can be used to compromise the security that the hash is supposed to put in place. This vulnerability has led many browsers and technology vendors to remove support for SHA-1 in 2017 and look elsewhere for security algorithms.
So, what does this have to do with my phone system? Your digital phone system, its remote subsystem and the client machines that connect to it use certificates to validate every connection. Depending upon your environment, these connections, and all the critical data being passed within that connection, may be vulnerable to hash attacks. These hash attacks may leave conversations vulnerable to unauthorized tapping.
Addressing the potential vulnerabilities of SHA-1 is vital to maintaining security, but is also important to organizations in highly regulated industries, including healthcare, financial services, mortgage services and public sector. In these industries, failure to proactively address potential vulnerabilities within security algorithms may lead to compliance issues and the resulting financial penalties.
Addressing these potential vulnerabilities is crucial to your organization’s security and the security of your customer interactions. At Avtex, our security and contact center experts have developed a packaged solution to address these potential vulnerabilities within the Customer Interaction Center premise environment. Our knowledge of Interactive Intelligence products and architecture allows us to provide the guidance you need to ensure the optimal performance of security algorithms.
It is important to take action to address potential SHA-1 vulnerabilities before they arise. We are happy to help you conduct a review of your in-place security algorithms to identify potential vulnerabilities. To learn more, contact us today.