|
|
VoIP Security Gets Noisy
2006-11-14
It is one of the most potent threats to the corporate network, but Internet voice remains perhaps the least understood and most poorly defended security gap in the enterprise, according to a security analyst, and security specialists are aiming business users at the wrong targets.
“Vendors are focusing largely on the dangers of interception of communications on the wire, which we don’t think is the main problem at all,” said Graham Titterington, a principal analyst and security expert with Ovum. “VoIP is an intranet issue because corporations still use traditional phone companies for their long-distance service.”
Quality-of-service concerns have kept VoIP on the corporate intranet where it can be contained rather than on the public Internet where traffic could not be easily controlled, Mr. Titterington pointed out.
When companies connect their systems to the public network, they use traditional leased lines, not VoIP, for that crucial journey.
“Their primary concern currently is voice quality and functionality, and few have considered security issues,” said Mr. Titterington. “When they have, they are usually only preoccupied with disclosing sensitive information in phone calls or with unwanted marketing calls.”
But they should be concerned about a lot more than just annoying marketing calls or blurting out corporate secrets, Mr. Titterington believes.
They should be concerned with the VoIP system’s susceptibility to the very problems faced by the data network, such as VoIP versions of spam, phishing, and denial of service attacks.
VoIP Problems
In VoIP spam, a script sends out mechanically replicated voice messages that could flood the corporate system and inundate users. Or VoIP spam could be used for phishing purposes—obtaining personal information such as bank account names and passwords.
This kind of spam is particularly dangerous in the VoIP network because people generally trust the phone much more than they do the computer or email, so they are more likely to offer important information on the phone.
In the past the corporate phone system generally required some sort of human intervention, but with VoIP, the process of generating spam or phishing calls en masse is entirely automated.
There are also voice-specific threats such as toll fraud, where hackers use the corporate VoIP network to route their own calls.
Wrong Products
“Vendors are pushing their existing security products to businesses, but these products focus on the public Internet, which is not normally a component of enterprise VoIP networks,” said Mr. Titterington.
“In the process, they fail to meet the most urgent security requirements of enterprises, and do not address the specific risks of using VoIP over the corporate intranet,” he added.
Mr. Titterington believes that service providers should take more responsibility in informing their corporate clients of the nature of the threat and the available protections.
“Service providers have a unique and trusted position in the telephony space, so they should be more of a role model,” he said. “At the end of the day, vendors provide products people need, but traditional service providers have the primary responsibility to offer information and direction.”
|
|
|
|
VoIP Providers List Information |
|
|
|
If you have any constructive thoughts, creative ideas, or reasonable offers, please, contact us.
|
|
Send Email to Helen O'Neill if you have any questions either about this website, or about VoIP providers, or VoIP in general.
|
|
Send Email to our technical support if you have any technical queries.
|
About VoIP Providers List
VoIP Providers List services save time for companies searching both for information and interconnection partners, interested in voice minutes exchange, i.e. VoIP minutes termination and origination, as well as hardware and software trade. We provide information on interconnection services, VoIP hardware solutions and VoIP software , as well as overall situation in the VoIP industry.
VoIP Providers List is constantly moderated, and thus we can guarantee that any VoIP provider published in the web-based company catalogue has provided accurate details on its services and operations.
We are constantly working on improvement and development of our services. Your comments and proposals regarding the services are highly welcome. Please, do not hesitate to contact us providing with your ideas, opinion, and feed-back. We will be grateful for any information and useful links on Voice over IP, VoIP hardware, VoIP software, and VoIP Providers. |
|
|
|
|
VoIP Providers Statistics |
|
|
Providers in database: 3315
Users Online: 188
|
|
|
