VoIP E911 Problem Solved Just in Time to Meet The FCC Order (Read More)

More Businesses Investing in VoIP Technology (Read More)

Government Report Tackles VoIP Security (Read More)

Government Report Tackles VoIP Security

The National Institute for Standards and Technology (NIST) issues helpful guidelines for securing IP communications

A new U.S. government report weighs in on voice over IP (VoIP) security, offering valuable guidelines for solution providers and end customers.

While noting the potential of the technology, such as lower costs and greater flexibility, the report states that those deploying VoIP must do more than just plug VoIP components into existing IP networks. The integration of a VoIP system into an already congested or overburdened network could create serious problems. A key pitfall is the assumption that because digitized voice travels in packets just like other data, existing network architectures and security measures can be used as is.

In 2005, the Security Considerations for Voice Over IP Systems report was published by the National Institute of Standards and Technology (NIST). The report explains the challenges of VoIP security for government agencies and commercial users, laying out general guidelines for securing the network. Recommendations cover the following areas: Network architecture Business risk analysis E-911 emergency service Firewall protection Softphone vulnerabilities Wireless VoIP Regulatory compliance

Despite the healthy caution, solution providers believe that VoIP systems can be made at least as secure as the technology they replace—as long as security figures prominently in solution deployment. "Because VoIP is shared infrastructure, you need to apply the same defense-in-depth strategy you would with any network infrastructure," says Chris Thatcher, national practice director, enterprise security at Dimension Data North America, Reston, Va. "Successful VoIP means placing the right controls around key assets throughout the infrastructure to mitigate risk."