Cisco Unity Security Guide (With IBM Lotus Domino), Release 4.x
Securing Subscriber Messages

Table Of Contents

Securing Subscriber Messages

How Cisco Unity Handles Messages That Are Marked Private

Best Practices for Using Text to Speech (Unified Messaging)


Securing Subscriber Messages


In this chapter, you will find descriptions of potential security issues related to securing messages; information on any actions you need to take; recommendations that will help you make decisions; discussion of the ramifications of the decisions you make; and in many cases, best practices. See the following sections for details:

How Cisco Unity Handles Messages That Are Marked Private

Best Practices for Using Text to Speech (Unified Messaging)

How Cisco Unity Handles Messages That Are Marked Private

Messages marked private cannot be forwarded by phone. This includes any voice message that a Cisco Unity subscriber marked private, and as applicable, any e-mail message that a subscriber or another sender marked with the "Do Not Copy" mail option in IBM Lotus Notes.

Best Practices for Using Text to Speech (Unified Messaging)

The Text to Speech (TTS) feature allows Unified Messaging subscribers to listen to their e-mail messages over the phone. Cisco Unity reads the text portion of e-mail messages and provides additional information such as the name of the sender (if the sender is a subscriber), and the time and date that the message was sent. No attachments are read over the phone.

TTS is a class of service offering. Before you enable subscribers to use TTS, consider the following best practices:

Best Practice: Use Enhanced Phone Security

Because a phone password is inherently less secure than a password that subscribers would typically use to log on to a workstation and/or their e-mail inboxes, offering TTS to subscribers can be considered a security risk. To provide a more secure way to authenticate subscribers when they access Cisco Unity by phone, and thereby increase the security of all subscriber messages, set up enhanced phone security. (See the "Determining Whether to Offer Enhanced Phone Security" section on page 7-11.)

Best Practice: Do Not Offer TTS if E-Mail Content Is Sensitive

Offering TTS can also be considered a security risk because subscribers can access Cisco Unity from any phone—inside or outside your organization. If the e-mail content in your organization contains classified information that you do not want played over unsecured connections, do not offer TTS to subscribers.