Leading suppliers of voice over IP systems have formed
the VoIP Security Alliance (Voipsa) to help address user concerns
about the security risks involved in using the
technology.
VoIP puts voice conversations into data "packets" so they can go
over IP data networks instead of the public switched telephone
network. However, this means that VoIP conversations, just like
data traffic, could be hacked into.
Voipsa has the backing of 3Com, Alcatel, Avaya, Tipping Point,
Siemens, Spirent, Symantec and the Sans Institute, among
others.
The allliance said that as VoIP became more widespread, so the
technology would become a more attractive target for hackers, with
attacks on VoIP-based systems occuring as hackers became more
familiar with the technology.
Voipsa aims to help organisations understand and avoid VoIP
security risks through discussion lists, white papers, the
sponsorship of VoIP security research projects, and the development
of tools and methodologies for public use.
Brian Kelly, director of the US Giuliani Advanced Security
Center at professional services firm Ernst & Young, said,
"Despite the advantages of VoIP, if the technology is not
implemented properly and securely, we will likely circumvent
existing security controls and expose our networks."
More details on Voipsa can be found at:
www.voipsa.org.