VOIP Is As Secure As You Make It
VOIP & Telephony Center Editor Ellen Muraskin says that enterprise VOIP is just as secure as traditional voice as long as you keep your LAN under wraps.Jim Louderback was laying down the gauntlet and challenging me, his newly minted VOIP/Telecom topic center editor, when he wrote "Security Holes Make VOIP a Risky Business." But he flings his glove upon some incorrect assumptions. First, he appears to be mixing up the hobbyists early adoption of Voice-over-the-Internet with the more sober, secure, and sonorous VOIP- based telephony systems that businesses now install. The former dawned about 1995 with VocalTec software you could buy in a box at CompUSA for $50, and was used primarily by technophiles speaking voice packets home to Mom in India, over the open Internet. Voice quality was choppy and delayed. The latterenterprise IP telephonytakes place almost exclusively over managed data networks, using leased lines, a companys own fiber on its own campus, or frame-relay connections. VOIP conversations sent as the payload of IP packets, using IP protocol, therefore should not be confused with "Voice over the Internet," which traverses the open, vulnerable medium: what Jim ends his column by calling "the dirty net." Managed WANs dont touch that dirty net.
The short answer to the security question is that when voice is sent as IP-encapsulated data, it relies on the same firewalls, intrusion detection systems, VPN technology, authentication and partition safeguards as data networks, and is as secure as that data.