The VoIP Risk Factor
Security experts believe it’s just a matter of time until widespread attacks on VoIP systems begin to materialize. But there has yet to be a major event to make the IT industry sit up and take notice. Still, as VoIP adoption continues to grow, vendors and integrators are stressing the importance of building layers of security into VoIP deployments. Last November, the SANS Institute, in its annual ranking of the Top 20 security threats, for the first time included VoIP servers and phones, in recognition of the fact that collaboration technologies that weave VoIP into messaging systems provide new pathways for hackers to exploit.
The current generation of VoIP technology has transformed the IP phone into an application that can integrate with other enterprise applications, said Krishna Kurapati, founder and CTO of Sipera Systems, a VoIP security software vendor in Richardson, Texas.
VoIP today also extends beyond the network perimeter and facilitates more open access to the network, but that creates new security risks, according to Kurapati. “You’re removing the restriction of being only in one place, but opening up vulnerabilities by doing things like connecting to partners via SIP trunks,” he said.