All for one, and one for all

We're bogged down with information. When we want access to one piece of information, it can involve wading through multiple email and voicemail accounts.

As mobile working becomes more commonplace the problem increases exponentially because not all accounts are accessible from outside the office. For example, a freshly printed fax in London is no good to the sales guy on the road in Manchester.

Because of the disparate nature of modern communications, it's no wonder that unified messaging (UM) is continuing to grow. At its base level, the technology is based on a very simple premise: take all forms of messaging and store it digitally in a single, easy-to-access place.

That way, there's less information to remember and only one possible place to look for something you need. The idea is proving so popular, it has even spread to the consumer market, where many websites are giving away basic accounts for free.

For businesses, it's important to take several factors into consideration before buying such software. The first stage should be to evaluate the communications needs of your company.

You should start by examining the access methods that will be used. A computer may seem like the obvious platform for this multimedia application, but it's not the only choice. Users will not always be near a PC and laptops can take a lot of effort and time to get running in different locations.

A decent UM system will take all of this into account and provide multiple methods of accessing information.

For example, a telephone connection should be able to provide access to email through a text-to-voice system. Using this system, a synthesised Steven Hawkingesque voice reads emails to you down the phone. However, at times this may not be good enough, so the option should exist to send the mail to a local fax machine, thus providing a version of remote printing.

The next stage is to create a speech-to-text engine. At the moment voice recognition in computers is not the most reliable of applications, even when using dedicated voice headsets. When the quality of a phone line is thrown into the equation, it is difficult to do properly.

Easing installation

A more useful application of the technology is to use voice commands to direct information. Orange currently has the Wildfire service to do exactly this, although in practice using it can degenerate into a scene akin to shouting down an oversized mobile phone.

Voicemail should be accessible via the phone but so should email, as messages can be converted to a sound file and sent to a relevant address. With sound compression now advanced to an extremely high level, these files needn't be overwhelming to download.

The same kind of functionality can be applied to faxes, which should include the option to be forwarded to another fax machine or converted into a bitmap and sent via email. Again, image compression is pretty good, so a fax won't take hours to download across a slow link.

The next stage to look at is the installation of a system into the company's IT and communications infrastructure, but it's not as simple as rushing out and buying a new piece of software.

The integration needs to be carefully planned, as the UM system must be able to talk to other systems on the network, such as email and phones. This kind of work can be disruptive and difficult to perform.

A lot of money can be spent on the initial installation, so it has to be done properly. Hardware solutions can have a lot of trouble integrating with existing email systems.

Many packages have a list of PSTN switches that they will work with. We'd suggest making a list of all the equipment that you need to integrate and passing this onto the company responsible for installing your system.

This way they can ensure that the new system will work correctly when installed or advise you of what needs to be upgraded before installation can go ahead. It's no good spending money just to find that the set up won't work correctly with the local system.

From here, it's worth looking into which standards the product works with; for example, email should be SMTP, POP3 and IMAP4. Another standard impacting on messaging is the voice protocol for internet messaging.

This standard was created by the electronic messaging association and is designed to embed voicemail within email messages. The standard is open, so any email client that supports the standard will be able to deal with the format. Support also includes a built-in player for playing, cueing and reviewing information.

Improvements in wireless technology make support for mobile phones very important. Short Message Service is a widespread technology that will work with international roaming turned on.

While it may only have a 160-character limit on messages, it can be used for receiving small emails and message notifications. The same is true of pagers.

However, Wap is now appearing on most new phones and can be used to send and receive information. While it's not the easiest of technologies to use it can, at a pinch, be useful for the sales guy armed with just a mobile phone.

General Packet Radio Service, which is just starting to appear, makes it cheaper and faster for phones to access the internet, so Wap support is more important than ever.

Of course, the future will see the rollout of third-generation networks, finally providing a high-speed wireless service. At this point the mobile phone may well become the default method of accessing information.

Keeping UM secure

Security becomes more of an issue with a UM system, as there is one central store for all information. If a cracker accesses a user's system then they get access to all the information passing through, not just a single part of it.

The problem is further enhanced by the multiple access methods. While with a PC it is easy to use long pass phrases to escape dictionary-based attacks, it's much harder to do over a phone. Typically, a four-digit Pin will lock phone access.

As a result, the security surrounding this implementation has to be a lot hardier. For each system, there will be a setting that specifies how many invalid login attempts can be made before the account is locked out.

This should be set to a low number, as with cash cards, to prevent crackers getting into the system easily.

It's worth asking the UM vendor about other security features, such as the ability to detect and prevent war dialling on voicemail. War dialling is usually based around dialling a list of numbers and looking for a modem to connect to, but the technique can be used to get access to voicemail.

A decent UM system, or even phone system, should be able to tell when this technique is being used and then react accordingly.

Security goes further than this, especially when wireless communications are being used. Most mobile phones are insecure and once stolen, it's relatively easy to get information off them. In addition, most phones are incapable of dealing with secure communications across a wireless link.

The encryption used is easy to break, which is worth thinking about especially if passwords are going to be sent across the link. The best policy is to pick one type of phone that you can trust for the entire company to use.

The same kind of rules apply to personal digital assistants (PDAs). These devices are gaining popularity in the corporate environment because they are cheaper than laptops in situations where only basic communications and scheduling are required.

Unfortunately, in their default configurations PDAs are notoriously insecure. This means that the basic security settings in the Palm that allow records to be hidden are more of an organisational tool than a hard-core security device. For example, software can be written that takes all the hidden records off the Palm.

As a result, third-party applications should be considered. On a PDA, this should include secure browser and encryption software for important records. At the enterprise level, software is needed to ensure that this application remains on the devices. This is usually done by creating a profile that is subsequently checked against the device when a network hot-sync is performed.

The same approach needs to be applied to laptops to ensure that they are set up in a secure manner. This can be done by encrypting data stored on the hard drive. We wouldn't recommend leaving the security down to a New Technology File System partition and Windows NT, as these can be bypassed in a matter of minutes.

The basic principle to apply to this kind of system is to carefully examine all of the ways into it, then apply a sensible policy to each access method. If one area is insecure, then the whole system can be accessed.