Microsoft has released a introduction to security in Office Communications Server 2007 and its related clients (Actually back in August 2007 - but I forgot to mention it).
Instead of re-writing the introduction here is a snippet from the whitepaper "Office Communications Server 2007 – Security Overview" published by Microsoft in Augusth 2007 -
"The use of the Internet for instant messaging (IM) technologies, audio/video, and Web conferencing has been evolving since the first widely used Internet and GUI-based product, ICQ, first entered the market in November 1996 (quickly followed by AOL, MSN, and Yahoo! as the largest competitors)....
The responsible IT or security administrator has in many cases sought to fight the infiltration of the consumer products, because many shortcomings exist in the use of these technologies in a business environment. Besides the security risks and disclosure of sensitive business information that we will discuss later, these technologies have associated shortcomings in central management, in compliance management and records retention, and as a target for thieves who use them to gain sensitive business information.
This whitepaper will discuss the security features in Microsoft® Office Communications Server 2007 (OCS 2007) as it relates to the Microsoft unified communications platform and how OCS 2007 handles these security challenges in a connected world, while still delivering on the promise of presence, IM, VoIP, audio/video conferencing, and Web conferencing capabilities."
The whitepaper then continues to discuss concerns around privacy, methods of traversing firewalls in Public Instant Messaging Products etc. For OCS it discusses security in different types of users/clients, security in autoconfiguration, Network and Data Security and lastly compliance and archiving.
IMHO it's worth a read if you are new to OCS and Security, but then again who am I to judge that ;-)
Find the whitepaper here.
Btw. If you wan't to find some Easter eggs in the whitepaper then take a look at the country code for phone numbers and the text part in the last screenshot (Remember I'm from Denmark and work in a company called Inceptio ;-)