
  • Security Risk Assessment

    Morning everyone!

    I'm documenting a risk assessment on our 14.2 ShoreTel deployment and I have a question about our virtualized conference appliance. I know it handles "processing and session management" for instant messages, but do the messages themselves actually pass through the appliance? And if so, are they encrypted?

    The concern is that an attacker could gain access to the conference appliance and eavesdrop on IM conversations that might include patient info (we're a healthcare practice).

    I've been doing a lot of reading and it sounds like they do pass through the appliance but are encrypted. I'm grateful for any insight or direction you all may offer.


  • #2
    They do pass through the appliance (it is a message broker pattern for the IM), and while I am not sure about their encryption state during handling, I know they get logged in clear text as part of the conference bridge logging. I have not tried to turn that off, but it is absolutely on by default.