A year after President Obama issued his “Cyberspace Policy Review,” he called a high level meeting of public and private sector representatives, DHS Secretary Janet Napolitano, Commerce Secretary Gary Locke, and National Cyber Security Coordinator, or “Cyber Czar,” Howard Schmidt at the White House to discuss progress and achievements in cyber security.With President Obama and ISA President Larry Clinton in attendance, Secretary Locke singled out the ISA’s work in developing a security checklist for mobile communications platforms, such as VoIP, as “one of the most important achievements in cybersecurity that year.” ISA was the only trade association to be so recognized.
The ISA Checklist is the product of a program initiated in 2007, which initially sought to investigate how the security content automation protocol (SCAP) for securing federal desktop systems could be expanded and adapted to integrated communications platforms, such as mobile phones, VoIP, and similar devices and services. ISA has published several papers in this area, some of which address the technical issues related to this increasingly emergent field of cybersecurity, while others address the legal issues enterprises must face in this area.
These publications include: “Applicability of SCAP to VoIP Systems – White Paper Draft for Review,” “IP Phone Baseline Security Checklist,” and “Navigating Compliance and Security for Unified Communications.”
In the “Navigating Compliance and Security for Unified Communications” publication, existing UC solutions are inventoried as well as the known security risks and available security controls. Tensions between the use of such solutions and controls with existing laws governing telephone services, privacy, etc., are then explored. In sum, this report provides valuable guidance to security professionals and attorneys that are asked to consider and navigate these legal tensions and offer recommended commercial practices on how to move ahead implementing security for UC solutions within existing legal rules.