|
VoIP (Voice over IP) is an increasingly popular mode of communications, gaining ground since about 2004, when it started using broadband Internet access. VoIP is vulnerable to many of the same scams and fraudulent behavior as traditional voice communications and can be a weak point in your overall network security. That’s partly because this technology was essentially built without security in mind, as Essential Computer Security’s Tony Bradley notes:
"One of the things that has offered some measure of pseudo-protection to VoIP implementations is that many VoIP hardware vendors have developed proprietary protocols for their communications. That provides some ’security by obscurity’ in that attackers are more familiar with common protocols and have to dedicate themselves to exploring and finding the weaknesses of a specific protocol if they want to exploit proprietary hardware platforms. However, VoIP is popular and that paints a target on its back."
As with other elements of your network, a key to maintaining security is ensuring your VoIP hardware and software are patched.
Encryption is also a bit tricky. Many consumer VoIP solutions don’t encrypt communications. Setting up a Virtual LAN (VLAN) could be a solution, though this may be beyond the capabilities of many organizations.
Bottom line, if you’re thinking about adopting VoIP, or already have, without first looking into how you’ll ensure security, then you’ll need to call an expert to give you some options. VoIP can be awfully convenient, but you don’t want someone else eating your lunch after listening to your calls.
Vaclav Vincalek
Pacific Coast Informer Blog
Posted August 16, 2009
Categories:
General
Security
VoIP
Comments
Add Your Comment
|
