Specifications
A31003-D3000-P100-01-76A9, 10-2013
OpenStage and Desk Phone IP SIP V3, Security Checklist, Planning Guide 7
Introduction
Security Strategy for Unify Products
Products of Unify are developed according to the Baseline Security Policy, which
contains the technical guidelines for the secure development, release and
sustaining of the company’s products. It defines the fundamental measures for
software security that are taken throughout the whole lifecycle of a product, from
design phase until end of life:
Product planning and design:
Threat and Risk analysis (Theoretical Security Assessment) to determine the
essential security requirements for the product.
Product development and test:
Penetration Tests (Practical Security Assessment) to discover implementation
vulnerabilities and to verify the hardening of the default system configuration.
Installation and start of operation:
Hardening Guides (Security Checklist) to support the secure configuration of the
product according to the individual customer's security policy.
Operation and maintenance:
Proactive Vulnerability Management to identify, analyse and resolve security
vulnerabilities that emerge after products have been released, and to deliver
guidance to customers how to mitigate or close these vulnerabilities.
Figure: Unify Baseline Security Policy- from Design to EOL
For more information about the Unify product security strategy we refer to the
relevant Security Policies [3], [4], [5].
As we at Unify define a secure product, our products are not secure, but - they
can be installed, operated and maintained in a secure way. The level of the
products security should be scheduled by the customer.