Is Your VOIP Secure?

Tuesday, December 07, 2010

Simon Heron

A88973e7d0943d295c99820ab9aeed27

VOIP has tremendous benefits for business users – which include cost savings and greater productivity – but like anything else it comes with associated security risks for the corporate network, and these risks must be identified prior to VOIP being rolled out.

(It’s also worth those businesses that currently use VOIP checking their security procedures.)

Our new guide to VOIP security highlights some of the specific threats to businesses using VOIP systems and provides advice on how these risks can be mitigated.

For example, businesses may be able to operate with greater flexibility using VOIP, but have the privacy implications been considered?

It’s much easier to hack a VOIP data steam than an analogue phone line. Sensitive corporate data can easily be compromised, and when you consider the massive fines being levied by the ICO, it’s clear that businesses must avoid data breaches at all costs.

The increased uptake of VOIP technology has created a number of new avenue for fraudsters and hackers. 

One example is “Vishing” campaigns launched against unsuspecting VOIP users.

Vishing – basically phishing attacks made via VOIP – is a new threat which is likely to grow in sophistication before long.

Another threat is that of Toll Fraud which frequently catches out companies who have not secured their VOIP systems correctly.

Many of security vulnerabilities listed in the guide can be mitigated through the implementation of rigorous security procedures and processes, many of which should already be standard practice (like a strong user authentication system).

Further details of how businesses can secure themselves against VOIP specific threats can be found in the guide over at the Redscan website.

Cross-posted from Redscan

Possibly Related Articles:
15126
Vulnerabilities
Vishing Vulnerabilities Web Application Security VoIP Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.