Q: My enterprise has an extensive voice network. How important is security for this network and what are the potential threats? What is the cost of protection?
A: Rapid changes in telecommunications networks have created significant concerns for fraud detection and prevention, system abuse, unauthorized access and content privacy. Voice systems, which encompass traditional PBXs, VoIP and multi-media servers, voice messaging and unified messaging platforms, and voice gateways have evolved from closed and stand-alone to open and integrated in corporate networks. The evolution and increased complexity of these systems, combined with the migration to IP, has direct implications for security management of voice networks.
Experts agree that voice systems are open and vulnerable to security breaches. They have even stated that companies focus less on securing voice messaging platforms than on other network components, leaving them vulnerable to attacks. In fact, the threat is often underestimated.
Administrators of telephone systems have always had to deal with fraudulent calling activity, commonly known as toll fraud. Whether from internal users who may abuse call privileges or from external crackers who gain access from remote ports, software tools can be used to pinpoint unusual and suspicious calling patterns.
Next-generation communications systems such as VoIP and multi-media servers require the deployment of additional hardware devices, protocols and applications, which increase the complexity and the number of access points requiring management. Also the transmission of voice packets over corporate networks and the Internet introduces a new issue, content privacy. With voice systems on global networks, security threats now come from anywhere.
Translating security breaches into real dollar costs is a difficult undertaking. Certainly toll fraud costs can be quantified since they can be identified from bills from long-distance vendors. Security costs arising from compromised systems or outages are more difficult to quantify, but generally equate to significant costs in terms of personnel time, employee productivity and financial revenue loss. Costs arising from lost or stolen company information are also a factor to consider. For example, an employee that has left a financial services company can still access a voice mailbox and receive broadcast messages that are sent to a distribution list. Or a sensitive voice message that is transmitted across a network can be decoded and compromised. The costs to remedy and close security breaches usually exceed the cost of securing systems at implementation.
For more visit www.concord.com.
© 2005 Telecom Reseller. All Rights Reserved.