resource center
  See your link here
|
IDG News Service -
Germany's Federal Office for Security in Information Technology (BSI) is warning businesses of potential security risks with voice-over-IP (VoIP) technology, in a study presented at the Systems IT exhibition and conference in Munich.
The VoIPSec report, released Monday at the opening of Systems, appeared one day before Skype Technologies SA, one of the world's largest providers of VoIP service, acknowledged critical flaws in its software and urged users to upgrade to the latest version.
In its report, the BSI warned that although no spectacular attacks in the business world have been reported yet, it's only a matter of time before problems emerge.
The report lists 19 varieties of attacks on VoIP systems that can lead to a number of security threats, such as identity theft, data manipulation, transmission errors and incorrect billing. Also, VoIP opens the door to the various forms of malicious software that can spread wildly in data networks, such as viruses, worms and Trojan horses, according to the report.
Authors of the VoIPSec study are urging companies to analyze where they plan to implement VoIP, how crucial secure communication is to that particular business process and what level of security can be ensured. And although one of the biggest sales pitches of companies supplying VoIP systems is the convergence of voice and data networks, the authors are recommending a separation of IP voice and IP data networks."
The study is available online in German.
In a panel discussion at the Systems conference, Manfred Fink, president of Manfred Fink Security Consulting, urged businesses to be aware of the hype surrounding VoIP. "Manufacturers are telling businesses how they can save money by converging their voice and data networks," he said. "But IT managers should be aware that the money they may save in combining their IP voice and data networks could be offset by the money they will need to spend to make these networks secure."
Detlev Henze, a security expert in the IT security unit of the safety control agency TUV Rheinland Group, urged users to move "very carefully" in deploying VoIP technology, especially on a global basis. "It's best to start in small, closed user groups and to work closely with security experts who are aware of the many potential risks involved in VoIP," he said. "This is a moving target."
The Systems event runs through Friday.
IDG.net
Share our Strength
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Top 10 Things to Know about Data Protection
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Ponemon Study: The Business Risk of a Lost Laptop
Download Now
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Airport Insecurity: The Case of Lost Laptops
Download Now
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
