Cisco Unity Connection System Administration Guide, Release 1.x
Setting Up Private and Secure Messaging



In Cisco Unity Connection, messages that are marked private cannot be forwarded by phone or from the Cisco Unity Inbox. All users are able to mark a message private when they send it. In addition, when a message is marked private, the Save Recording As option is disabled on the Options menu on the Media Master in the Cisco Unity Inbox.

For users who require more security, consider setting up secure messaging and enabling users to use it. Secure messaging provides security through the use of public/private key encryption for voice messages that users record when they log on to Connection by phone. Voice messages that are encrypted by being marked secure cannot be heard by anyone other than a Connection user who is homed on the Connection server.

A user who is enabled to send encrypted secure messages will hear "to mark this private and secure, press 3" in the Connection conversation while sending a message. The message will be encrypted, and will also be marked private, to prevent it from being forwarded. A user who is not enabled to send encrypted secure messages will instead hear "to mark this private, press 3," which will prevent the message from being forwarded. From the Cisco Personal Communications Assistant, a user also can mark a message both private and secure.

As an added security measure, you can also prevent users from saving any voice message—regardless of its sensitivity—to their hard disks by disabling the Save Recording As option on the Options menu of the Media Master in the Cisco Unity Inbox.

See the following sections in this chapter:

Secure Messaging Overview

Setting Up Secure Messaging

Enabling Secure Messaging for Users

Disabling the Save Recording As Option in the Media Master

Secure Messaging Overview

The secure messaging feature provides enhanced privacy and security through the use of public/private key encryption for voice messages. When a user records a voice message and marks it secure, Cisco Unity Connection encrypts the WAV file by using the public key of the Connection server. The public key for the Connection server is stored in the Connection database. To send a secure message, users can log on to Connection by phone, or can send the message from the Cisco Unity Inbox, either by using the phone or media player software to record the message. As with other voice messages, users can use any phone—inside or outside the organization—to record a secure message.

In order to play a secure message, Connection decrypts the message by using a private key stored on the server. Connection can play a secure message only for recipients who are homed on the same Connection server as the sender. To hear a message, recipients can log on to Connection by phone, or can use the Cisco Unity Inbox, and listen to the message by phone or by using media player software. They can use any phone—inside or outside the organization—to do so. Recipients who are associated with a server other than the Connection server cannot listen to a secure message, because the required private key is not available. Instead, Connection plays a decoy WAV file that says:

"This voice message is private and secure and can only be played if you log on to the voice mail system and check your messages by phone. If you received this message in error, notify the sender and delete it immediately."

Connection also plays the decoy message when anyone attempts to play a secure message by using media player software, and users hear the decoy message when they use the Cisco Unity Inbox to play a secure message—even when they specify the phone as the playback device for the Media Master.

Alternatively, if recipients attempt to play a secure message by using any SMTP e-mail program, the following text message is displayed:

"This message and any files transmitted with it are confidential and intended solely for the individual or entity to which they are addressed. If you received this message in error, notify the sender and delete it immediately."


Note: Users can send and retrieve secure messages by using the user speech recognition conversation or any of the keypress input versions.


Limitations of Secure Messaging

Consider the following limitations of the secure messaging feature, and make sure that users, administrators, and support desk personnel are aware of them.

When users leave a voice message after calling another user and being transferred to voice mail, they cannot mark the message private or secure.

The private keys that are required to decrypt secure messages are not specific to individual users or workstations. Thus, if a secure message is sent to an unintended recipient—perhaps because of an addressing mistake made by the sender or due to a system problem—Connection will play the message for any recipient who receives the message as long as the recipient is homed on the same Connection server as the sender.

From an IMAP client, a user cannot send a secure message, nor can the user retrieve a secure message. If the user tries to listen to a secure message, a decoy message will instead be played, telling the user to log on to Connection by phone to listen to the message.

When you enable the Encrypt All Messages from Outside Callers and the Encrypt All Private Messages from Users settings on the System Settings > Advanced > Secure Messaging page, users will not be able to use IMAP clients to listen to any messages. Instead, they will need to listen to messages from the Connection conversation or the Cisco Unity Inbox.

Setting Up Secure Messaging

During installation, a secure messaging certificate is installed automatically on the Cisco Unity Connection server. In addition, Connection is set to subsequently run a task automatically to create and/or delete certificates, according to the aging policy and task schedule that you set.

Use the following task list to set up secure messaging:

1. Set an aging policy for certificates. See the "To Set an Aging Policy for Secure Messaging Certificates" procedure.

We recommend that you establish an 8:1 ratio for creating and deleting certificates. For example, if you set Weeks Before Deleting Old Certificate to 16 weeks, you should set Weeks Before Creating New Certificate to 2 weeks. In this example, a new certificate will be created every 2 weeks, and certificates will be deleted as they reach an age of 16 weeks.

Keep in mind that when a secure message is saved by a user, the user is able to listen to the message only as long as the certificate associated with it remains on the Connection server. Keeping to an 8:1 ratio helps ensure that existing certificates are not deleted from the system too quickly.

We recommend that you do not create new certificates on a regular basis without deleting existing certificates. Creating multiple new certificates on a server without deleting existing certificates may adversely affect performance.

2. If applicable, adjust the default task schedule associated with the Certificate Management task. See the "To Modify a Task Schedule for the Automatic Creation and Deletion of Secure Messaging Certificates" procedure. We recommend that you run the task according to the default schedule.

3. Enable secure messaging for users. You can:

Enable secure messaging for all users. See the "To Enable Secure Messaging Systemwide" procedure.

Enable secure messaging for individual users. See the "To Enable Secure Messaging for an Individual User" procedure.

Enable secure messaging for a group of users by using a user template. See the "To Enable Secure Messaging for a Group of Users by Using a User Template" procedure. For example, if you want all employees in the Sales department to have access to secure messaging, set up a Sales Department user template and enable the feature on the template, then use the template when setting up accounts for the Sales employees. Keep in mind that enabling the feature on a user template will not affect any user accounts based on the template that have already been created. Secure messaging will only be enabled for users whose accounts are created from the template subsequent to enabling the feature on the template.

To Set an Aging Policy for Secure Messaging Certificates


Step 1 In Cisco Unity Connection Administration, expand System Settings > Advanced, then click Secure Messaging.

Step 2 On the Secure Messaging Configuration page, enter values in the following fields:

Weeks Before Creating New Certificate—Enter a value from 0 (zero) to 52 weeks. A value of zero means a new certificate will never be created.

Weeks Before Deleting Old Certificate—Enter a value from 0 (zero) to 52 weeks. A value of zero means an existing certificate is never deleted.


Note: We recommend that you establish an 8:1 ratio for creating and deleting certificates. For example, if you set Weeks Before Deleting Old Certificate to 16 weeks, you should set Weeks Before Creating New Certificate to 2 weeks. In this example, a new certificate will be created every 2 weeks, and certificates will be deleted as they reach an age of 16 weeks.


Step 3 Click Save.
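The aging policy above, modelled as an added example (not Cisco code and not part of the original guide): it checks a pair of values against the stated 0 to 52 range and the 8:1 recommendation, simulates how many certificates accumulate, and estimates how long a saved secure message stays playable. It assumes a weekly task run and that a message is tied to the newest certificate at recording time; the function names are illustrative.

```python
# Added example: a model of the aging policy described above, not Cisco code.
# Assumptions (not from the guide): the Certificate Management task runs once
# a week, and a secure message is tied to the newest certificate that exists
# when it is recorded.

def audit(create_weeks, delete_weeks):
    """Return findings for a pair of aging-policy values."""
    findings = []
    for name, value in (("create", create_weeks), ("delete", delete_weeks)):
        if not 0 <= value <= 52:
            findings.append(f"{name}: value must be 0 to 52 weeks")
    if create_weeks == 0:
        findings.append("create: 0 means a new certificate is never created")
    if delete_weeks == 0:
        findings.append("delete: 0 means old certificates are never deleted")
    if create_weeks and delete_weeks and delete_weeks != 8 * create_weeks:
        findings.append("ratio: delete/create is not the recommended 8:1")
    return findings

def simulate(create_weeks, delete_weeks, horizon=104):
    """Return the number of certificates on the server after each weekly run."""
    certs, newest, counts = [0], 0, []   # week 0: certificate from installation
    for week in range(1, horizon + 1):
        if create_weeks and week - newest >= create_weeks:
            certs.append(week)
            newest = week
        if delete_weeks:
            certs = [c for c in certs if week - c < delete_weeks]
        counts.append(len(certs))
    return counts

def playback_window(create_weeks, delete_weeks):
    """Weeks a saved secure message stays playable: (shortest, longest).

    None means unbounded (certificates are never deleted)."""
    if delete_weeks == 0:
        return (None, None)
    # Worst case: the message was recorded just before a new certificate was
    # due, so its certificate was already create_weeks old.
    oldest_at_record = create_weeks if create_weeks else delete_weeks
    return (max(delete_weeks - oldest_at_record, 0), delete_weeks)

if __name__ == "__main__":
    for policy in ((2, 16), (2, 0), (0, 16), (8, 4)):
        counts = simulate(*policy)
        print(policy, audit(*policy), max(counts), min(counts),
              playback_window(*policy))
```

Under these assumptions the recommended 2/16 policy settles at 8 certificates and leaves a saved message playable for 14 to 16 weeks, while a deletion age shorter than the creation interval leaves weeks with no certificate on the server at all.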


To Modify a Task Schedule for the Automatic Creation and Deletion of Secure Messaging Certificates


Step 1 In Cisco Unity Connection Administration, expand Tools, then click Task Management.

Step 2 On the Task Definitions page, in the table, click Certificate Management.

Step 3 On the Task Definition Basics page, on the Edit menu, click Task Schedule.

Step 4 On the Task Schedule page, adjust the default schedule, as applicable, to control the automatic creation and deletion of certificates.

If you want to revert to the default settings, click Set to Defaults.


Caution: When the Certificate Management task runs, it will first check the aging policy values that you set in the preceding "To Set an Aging Policy for Secure Messaging Certificates" procedure, and will create and/or delete certificates only if applicable. Do not set the task to run only one day per month, or you may have unexpected results. We recommend that you run the task according to the default schedule.

Step 5 Click Save.


Enabling Secure Messaging for Users

In order to allow users to send secure messages by using the Cisco Unity Connection conversation, you must enable it for them. You can enable secure messaging for all users systemwide, or for a limited number of users.

Enabling secure messaging only for certain users may make system administration, troubleshooting, and training more labor-intensive than when the feature is enabled systemwide for all users. For example, a user who receives a secure message may try to send a secure message even if not enabled to do so, and may then believe that Connection is not behaving as expected.

Note that users are automatically able to receive and listen to secure messages. However, you must specifically enable users to send secure messages.

Choose one of the following methods, according to the needs of your users:

To Enable Secure Messaging Systemwide

To Enable Secure Messaging for an Individual User

To Enable Secure Messaging for a Group of Users by Using a User Template


Note: For information on adding or modifying a user template, see the "Adding, Modifying, or Deleting a User Template" chapter of the Cisco Unity Connection User Moves, Adds, and Changes Guide. The guide is available at http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.html.


To Enable Secure Messaging Systemwide


Step 1 In Cisco Unity Connection Administration, expand System Settings > Advanced, then click Secure Messaging.

Step 2 On the Secure Messaging Configuration page, check the following check boxes, as applicable:

Encrypt All Messages from Outside Callers—When this check box is checked, all messages left by outside callers will be encrypted secure messages.

Encrypt All Private Messages from Users—When this check box is checked, if a user marks a message private and secure (from the delivery options menu in the Connection conversation: "to mark this private and secure, press 3"), it will be a private and encrypted secure message.

Encrypt All Messages from Users—When this check box is checked, all messages sent by users will be encrypted secure messages, even when they do not select that option when sending messages.

Step 3 Click Save.


To Enable Secure Messaging for an Individual User


Step 1 In Cisco Unity Connection Administration, expand System Settings > Advanced, then click Secure Messaging.

Step 2 On the Secure Messaging Configuration page, ensure that the Encrypt All Private Messages from Users and the Encrypt All Messages from Users check boxes are not checked.

Step 3 Click Users.

Step 4 On the Search Users page, in the Search Results table, click the alias of the applicable user.


Note: If the user alias does not appear in the search results table, set the applicable parameters in the search fields at the top of the page, and click Find.


Step 5 On the Edit User Basics page, on the Edit menu, click Send Message Settings.

Step 6 On the Send Message Settings page, check the Encrypt Private Messages check box.

Step 7 Click Save.

Step 8 Repeat Step 3 through Step 7 for each user.


To Enable Secure Messaging for a Group of Users by Using a User Template


Step 1 In Cisco Unity Connection Administration, expand System Settings > Advanced, then click Secure Messaging.

Step 2 On the Secure Messaging Configuration page, ensure that the Encrypt All Private Messages from Users and the Encrypt All Messages from Users check boxes are not checked.

Step 3 In Cisco Unity Connection Administration, expand Templates, then click User Templates.

Step 4 On the Search User Templates page, click Add New.


Note: Alternatively, you can modify an already-existing template. Keep in mind that any user accounts that have already been created based on that template will not be affected by the changes you make to the template now. If you choose to modify an already-existing template, skip to Step 8.


Step 5 On the New User Template page, enter settings as applicable.

Step 6 Click Save.

Step 7 On the User Templates Basics page, enter additional settings, as applicable. If you change any settings on the page, click Save.

Step 8 On the Edit menu, click Conversation Settings.

Step 9 On the Edit Conversation Settings page, check the Encrypt Private Messages check box.

Step 10 Click Save.

When new user accounts are created by using this template, the users will be enabled for secure messaging.


Disabling the Save Recording As Option in the Media Master

By default, except for messages marked private, users can save their messages as WAV files to their hard disks by using the Save Recording As option available on the Media Master Options menu in the Cisco Unity Inbox. You can prevent users from saving any voice message—regardless of its sensitivity—to their hard disks by disabling the Save Recording As option on the Options menu of the Media Master in the Cisco Unity Inbox.

However, note the following:

Even when you disable the Save Recording As option on the Media Master in the Cisco Unity Inbox, users can still use the option in the Cisco Personal Communications Assistant web tools to save greetings or recorded names.

When you prevent users from archiving messages by saving them to their hard disks, they may choose to retain messages in their Inboxes and Deleted Items folders longer.

Disabling the Save Recording As option affects all users associated with the Connection server; you cannot disable it only for individual users.

To Disable the Save Recording As Option in the Media Master in the Cisco Unity Inbox


Step 1 In Cisco Unity Connection Administration, expand Settings > Advanced, then click PCA.

Step 2 On the PCA Configuration page, check the Unity Inbox: Disable Save Recording As Option in Media Master check box.

Step 3 Click Save.