Functionally, there isn't a big network security risk with streaming video or audio itself, but there are inherent risks with having the UDP ports open on your firewall to allow the streaming. And there's a host of security vulnerabilities in the technology that enables the streaming, such as buffer overflow vulnerabilities on Microsoft IIS servers running Windows Media Services on older Windows 2000 machines.
Your client also needs to be aware of performance issues that may arise from the bandwidth volume. Streaming video and audio is much better behaved than it used to be, but it still drains resources. For these reasons, your client needs to determine whether video and audio are important tools to help achieve the company's objectives, and whether to devote bandwidth and security resources to the process.
If the client doesn't need streaming audio or video to conduct or further business, and their employees are doing this for entertainment, they should think about not allowing it on a policy level. As a rule, company computing resources are to be used for company business, and any other use should require a needs analysis and a change in policy.
This was first published in September 2007