- BlackBerry Storm vs. the iPhone
- 2008 IT industry graveyard
- Top 10 worst uses for Windows
- Economic crisis means double duty for IT pros
- BlackBerry Storm, RIM's first touchscreen device, rolls in
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Making it possible for law enforcement to tap VoIP calls will open Internet security holes that could endanger corporate voice and data traffic, according to a report by a group of respected Internet figures.
| How soon will legal taps hit VoIP The FCC has set May 14, 2007, as the date VoIP service providers must comply with the federal wiretapping law called Communications Assistance to Law Enforcement Act (CALEA), but the technical hurdles are high. Some of these: |
||||||||||||||
|
With the federal wiretapping law scheduled to apply to providers of VoIP next May 14, now is the time for businesses to evaluate whether to take steps to counter the risks it represents, the experts say.
The report, "Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP," calls CALEA wiretapping "an architected security breach" that could be exploited by unauthorized parties.
Given the difficulty of isolating voice packets among data packets mixed in a stream, even legitimate use of wiretaps will inevitably result in capturing more than just the phone calls authorized by CALEA court orders, says David Endler, a director of the Voice Over IP Security Alliance, an industry association focused on developing VoIP security standards. "How would you limit it to voice? This apparatus would have to capture everything," he says.
With businesses embracing converged networks that carry voice and data, this puts more than phone calls at risk - instant messaging, e-mail and any corporate transactions made over the Internet could be captured, the report says.
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment