VoIP Players Form Security Alliance

UPDATED: Nearly two-dozen Voice over IP industry players
have formed a new group to ensure that VoIP security keeps pace with
adoption.

Spearheaded by 3Com’s TippingPoint intrusion prevention
unit, the VoIP Security Alliance
(VOIPSA) will run discussion lists, publish white papers and sponsor
research.

Other VOIPSA members include network gear maker Alcatel ,
communications software developer Avaya , Columbia
University and security software vendor Symantec .

“We’ve been recruiting members for the past couple of months,” Laura
Craddick, a TippingPoint spokeswoman, told internetnews.com. “In
about a week we’ll hold a conference call to discuss future projects.”

Membership is free and still open. Craddick hopes the official launch will
attract new members. VOIPSA still has pitches out to Cisco and Nortel , two of the bigger names in VoIP
equipment, she said.

VoIP is becoming increasingly popular in enterprises, with converts like
Bank of America and Ford. In addition to long-distance savings, companies moving to IP expect to cut maintenance costs, because they have only one network to manage.

IP telephony also makes handling employee moves more efficient; businesses
can scale up or down without calling vendors. That
cost could be significant in large companies.

On the consumer side, the number of U.S. households using VoIP will jump
from 400,000 to 12 million over the next five years, according to new
report from JupiterResearch, which is owned by the same parent company as
this site.

VoIP is being heavily marketed by cable
companies
, telecoms and independent VoIP specialists.

But some security experts are concerned VoIP networks could be vulnerable
to Denial-of-Service attacks and even a distant risk of spam.

“The same threats on a data network are also inherent in a VoIP deployment,”
Craddick said. “Then there are additional risks in VoIP protocols.”

For example, security organizations have previously flagged vulnerabilities
in Session Initiation Protocol and the H.323 networking
protocol.

An earlier version of this story misidentified TippingPoint’s specialty. It is an intrusion prevention company.

Latest Articles

Follow Us On Social Media

Explore More