Worries about the security of voice over IP (VoIP) systems are scaring many potential customers away, according to analysts, who
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchITChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchITChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
have been warning about the problem for more than a year.
But solutions providers can not only overcome those worries, they can net additional business in the process.
 |
||||
|
|
|||
|
||||
Security is the "main impediment" to more widespread VoIP deployment, said Dustin Kehoe, senior analyst for Current Analysis. It will eventually be the role of vendors to provide VoIP security, either built-in or through add-on products, but most are still a year or two off, Kehoe said. In the meantime, value-added resellers (VARs), systems integrators (SIs) and managed service providers (MSPs) can step in and fill the need.
The biggest opportunity is in selling VoIP security network monitoring services, Kehoe said.
"It'll drive the market for security specialists," he said. "The hardware can only do so much. You need people to actually look for breaches, just as you would a corporate network."
Dan Holt, CEO of Fort Collins, Colo.-based Heit Consulting, agreed. Heit sells Cisco VoIP systems to banks and credit unions, and always tries to package it with network monitoring, security or other managed services.
"We feel like it's critical," Holt said. "[Customers] do some type of managed services with us, and it still ends up being cheaper than the maintenance they were paying for their old PBX systems."
Heit also provides an extra layer of protection by selling Cisco Self Defending Network, which offers firewall, intrusion prevention system and other features.
"If you have those in place, you're making an enormous impact on the security of your VoIP network," Holt said.
Kehoe outlined two main ways hackers could exploit VoIP security: launching distributed denial-of-service (DDoS) attacks to reduce network and endpoint availability, and potentially more damaging, using the voice server as a back-door entrance to the corporate IT network.
But Phil Hochmuth, senior analyst for the Yankee Group, downplayed concerns over VoIP security. VoIP networks become secure using the same techniques as other networks -- through basic best practices, including network perimeter security and strong password management.
Most serious threats would have to come from inside the network, because hackers need to see the call server or know the IP or MAC address of a phone to launch an attack, Hochmuth said.
"It would be hard to take down a VoIP network from the outside," he said.
Still, customers have the perception that VoIP security is lacking, Holt said.
"It's a hurdle we have to get over, without a doubt," he said.
Heit's customers in the financial sector shied away from VoIP about two years ago, when the FDIC warned about security vulnerabilities. They are slowly becoming more accepting, and most will feel comfortable with VoIP security after talking with Heit's technical and sales staff, Holt said.
"Usually it just takes a bit of education," he said.