• United States
by Steve Taylor and Larry Hettick

How secure is VoIP?

Apr 28, 20032 mins

* The question of VoIP security

One of the most persistent – and, in our humble opinion, misunderstood and misrepresented – questions raised with respect to voice over IP is whether VoIP is sufficiently secure for corporate communications. While this is much too massive a topic for a single newsletter, we do want to hit a few of the highlights.

“Perspective” is the key word for evaluating VoIP security. Having a secure network is not a binary “secure/not-secure” choice. Rather, it’s a continuum of balancing the trouble of providing security with the value of the information. So long as the cost to hackers of obtaining confidential information far outweighs the value of the information itself, the odds of having this information compromised are quite low.

As a first step in providing security for VoIP, it’s useful to divide the task into two major categories. The first of these is the security of the voice network infrastructure. This involves protecting the servers from attack so that the voice network itself remains intact. Just as you don’t want your internal data servers hacked, you don’t want your servers that happen to be IP PBXs hacked. The good news here, though, is that you hopefully already have a good security infrastructure for your “data” servers, and your IP-PBX equipment will simply become a part of this infrastructure.

The second step is protecting the voice conversation content. There seems to be a widespread misconception that conversations that are transported over IP are less secure than traditional telephony conversations. In reality, the opposite is true. As a rule, it’s tougher to hack into VoIP content than it is to tap a traditional telephony conversation.

Ultimately, the comparison has to come down to comparing VoIP with traditional telephony. And VoIP is going to score quite well in most areas.

We’ll continue to track this area in this column. But if you want a more detailed discussion now, Steve has just published a feature-length article on VoIP and Security. It’s available at the Webtorials.Com site at: