Voice over Internet protocol, or VoIP, has infiltrated the enterprise to replace the public switched telephone network. It brings with it convenience and cost savings, but also real security threats. As our own Carl Weinschenk pointed out in a post from last year, these threats include: "phreaking," wiretapping, identity theft, VoIP phishing (Vishing), denial of service (DoS) attacks, spamming, call tampering and man-in-the-middle attacks.
However, while security can be a challenge, it’s a fact of VoIP life that just requires careful planning on your part. To help, check out this excerpt, called “What Is IP Telephony Security and Why Do You Need It?” It comes from “Securing Cisco IP Telephony Networks” published by Cisco Press and offers a clear definition of telephony security, as well as current threats. It also gives you a guide to the tools available to defend yourself against those threats.
Below are other VoIP-related tools to help familiarize yourself with the technology and to put the right people in place to implement it in your organization.
Understanding Voice over Internet Protocol (VoIP): This paper discusses the advantages and disadvantages of using VoIP services, focusing primarily on security issues. VoIP offers cost-savings and added functionality, but can over-task your infrastructure without proper planning.
Job Description: VoIP Engineer-Architect: VoIP Engineers are responsible for a wide range of network functionality, from configuring PBXes to overseeing implementation projects. This sample job description will help you make this critical hire.
'VoIP Performance Management and Optimization' Excerpt: This book chapter will give your team an overview of issues with maintaining the backbone of your VoIP system, which can have a dramatic impact on the quality of service for voice and other communication apps.