Secure Voice (TLS) protects sensitive call data from unauthorized access. With Avaya Cloud Office, all data is encrypted in transit and at rest, using applicable industry-leading encryption, standards, and protocols.
Avaya Cloud Office addresses vulnerabilities in the VoIP data plane by safeguarding voice communications with an advanced secure voice technology that prevents eavesdropping on calls or tampering with audio streams between all endpoints—desk phones, as well as computers and mobile phones running an Avaya Mobile or softphone app. Avaya Cloud Office uses two enterprise-grade security protocols to provide additional security for IP phone calls—TLS authentication and SRTP encryption:
- Transport Layer Security (TLS) is a cryptographic protocol that provides encryption on the Session Initiation Protocol (SIP) signaling data. This protocol secures the SIP signaling communication between supported endpoint devices and the Avaya Cloud Office servers.
- Secure Real-Time Transport Protocol (SRTP) is a profile of the Real-Time Transport Protocol (RTP) that provides encryption, message authentication, and integrity, as well as replay protection to the RTP packet stream that is transported between supported endpoint devices and the Avaya Cloud Office servers
The model below illustrates the concept of Data Exchange between ACO and its Endpoints: The TLS Handshake and SRTP Transmission enables the Client (Phone) and Server (Avaya Cloud Office) to share the secret keys using which they encrypt and decrypt Data / Voice / Speech to establish secure Communication to prevent eavesdropping