Is Your VOIP Service Secure?
For individuals, VOIP security is primarily a matter of preventing others from eavesdropping on their conversations. Some VOIP service providers offer voice security through encryption or separate data routes.
Regular precautions for transferring files should, of course, always be followed. A firewall should be in place for protecting your computer from the internet and any data or program that is downloaded should be checked for viruses.
But users should reealize that VOIP hardware devices are inherently more vulnerable to attack. Some types of equipment can be made unstable or inoperable when they receive certain types of data. Some internet phones are also susceptible to data piracy, revealing private information under certain conditions.
While this probably won't be of much concern when you're calling Uncle Tim, it is a huge concern for businesses that consistently use telephone communication for discussing sensitive business information. As VOIP popularity increases, security is becoming a growing concern and is now receiving widespread attention.
Security Issues
It's mainly businesses that need to be concerned with security issues related to VOIP. They are more susceptible to the Denial of Service (DOS) attacks and other forms of obnoxious hacking because many businesses operate personal gateways and other equipment for connecting to the internet.
There are several security issues associated with VOIP. Eavesdropping is an understandable fear with both regular and VOIP calls, but there are additional concerns unique to this technology. Since VOIP data is traveling across the internet just like any other kind of data, it is vulnerable to the same types of attacks. Hackers have countless software tools
available to them to retrieve information being transmitted over the internet. These tools are as effective with voice data as with any other kind of data.
Another security threat is the possibility of sending viruses with VOIP data. This hasn't surfaced yet, but viruses could potentially overload VOIP networks, reduced sound quality and create delays.
VOIP isn't secure against spam either. This refers to receiving unsolicited marketing calls from companies selling their goods and services.
There are several points in the transmission of VOIP calls that hackers can use to recover information. In additin to retrieving actual conversations, they can also access critical information such as user identities and VOIP phone numbers. With this information, a hacker can place phone calls using someone else's identity.
Attackers could also record phone calls while eavesdropping on conversations and even potentially restructure voice data to create discussions that never actually existed! Log files could also be accessed and altered.
There are ways currently available that address such security issues. The first is with encryption that provides the same sort of security used in sending credit card information over a secure data connection. The second is to separate VOIP data from other internet traffic by using a Virtual Local Area Network (VLAN). Both methods can degrade call quality, but they present an alternative for sensitive calls.
About the Author
Visit VOIP Solutions to learn more. Ron King is a full-time researcher, writer, and web developer. Copyright 2005 Ron King. This article may be reprinted if the resource box is left intact.
|