Security, Security, Security

“If you have built castles in the air, your work need not be lost; that is where they should be. Now put the foundations under them.”

— Henry David Thoreau

During this time of unemployment, I have more free time than I care for. While I wouldn’t necessarily call myself a workaholic, I do like having structure in my life. That doesn’t mean I haven’t been disciplined about my days. I’ve certainly been working very hard at finding employment (which is no longer a concern – thank goodness), learning new things (a never ending story), and strengthening my professional network. Unfortunately, while personally fulfilling, discipline and effort don’t equate to the structure that I derive from working an actual job.

Thankfully, early on in this unexpected break in my career, I was presented with an opportunity to combine all three (job search, learning, and networking) into a single package. While not a “real” job, it offers me enough of the structure I need to fill those empty moments and protect my work ethic sanity.

Today, I am officially announcing that I have accepted an offer to sit on the advisory board of Assertion.

I don’t blame you if you haven’t heard of Assertion. Other than seeing and liking their posts on LinkedIn, they were new to me, too. However, the job they’ve set out to do is not new. I have been writing about SIP, SBCs, remote workers, collaboration, and security since my very first SIP Adventures article way back in 2007. I have been thinking about, acting upon, and writing software for all five even longer.

Assertion recognizes that although enterprises are rolling out SIP services and endpoints at a breakneck speed (thank you, COVID-19), the security of those new networks is often questionable. Yes, businesses have stopped asking the question, “Do I really need an SBC,” but the fact that an SBC exists between the wild-wild-west Internet and the corporate LAN isn’t enough. Hackers can get through incorrectly or inadequately configured SBCs (no matter who the vendor is). Breaches can go unnoticed. Denial of Service (DoS) attacks can impede and potentially freeze VoIP traffic. Eavesdropping can occur. Maliciously manipulated SIP messages can cause essential services to crash.

These SIP attacks can lead to substantial dollars in toll fraud, business interruptions, failure to meet SLAs, loss of customers, missed calls, bad publicity, and possibly lawsuits. Enterprises have learned the hard way how costly data breaches can be. They need to have the same level of concern about the security of their digital communication.

My role as advisor to Assertion is to be a set of technical eyes and ears on their products and services. As a “SIP guy,” this is right up my alley. They are wrapping the concerns I’ve been expressing to my customers in software, procedures, and bots. Knowing the difference between SIP methods and headers is important, but even more important is understanding the potential pathways to mischief.

And yes, I said bots in that last paragraph. Not only do I get to flex my SIP muscles, but artificial intelligence, machine learning, and bots have been high on my list of interests and explorations these past many years. While I won’t be writing the code to test and stress the security of a SIP network (rats!), I will have insight, exposure, and some influence over the folks who will be doing the heavy lifting.

To be clear, this advisory role isn’t a job. There is no biweekly paycheck. Starting in July, knock on wood, that will be coming from Avaya. I do see my two positions as being very complimentary, though. My Avaya customers are not unique in wanting safe and secure communications. My association with Assertion will keep me immersed in cutting edge technologies and best practices that safeguard SIP traffic. This is a win-win-win-win for Avaya, Assertion, our customers, and me.

Mischief Managed

I am about to enter a new phase of my career and I am as excited as when I graduated from Arizona State University in 1982 and set out to conquer the world. I feel a little more prepared this time around, but I won’t let that lull me into complacency. There is still so much I need to learn and thankfully I am about to return to the structure that keeps me on the straight and narrow.  Happy days are here again.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: