Over the last few years, adoption of VoIP has grown rapidly. With IP telephony networks now easier to integrate with other applications, the benefits are even greater in terms of cost savings, increased efficiency and improved customer service. However, migration to an IP network also brings a host of new security challenges that are driving a trend toward voice encryption.
Voice communication remains critical for the vast majority of businesses. It needs to be assured 24/7 and always go to all the right people and none of the wrong ones. In recent times eavesdropping has led to a number of information leaks in legal cases. Certain industries are particularly susceptible to this type of security risk and are thus driving the trend toward voice encryption. In finance, for example, worldwide agreements which dictate data security in the banking and finance industry make data and voice protection a legal requirement. Healthcare professionals are also aware of patient confidentiality, although no government or company is excluded from the threat of industrial espionage.
Compared with a TDM network, VoIP presents more points of access for security attacks. Overall there are four key types of security risks. The first is availability, where telephony service is rendered impossible due to a denial-of-service attack or virus. Such a risk can usually be overcome with a high-performance firewall and antivirus.
The second is confidentiality, where voice communication is intercepted via eavesdropping. This is a particular concern for financial institutions and governments due to the extreme sensitivity of the documents they work with.
The third is authentication, where identity can be usurped, calling for constant identification of all users at all points of access. A final risk is integrity, where the communication is modified between its point of departure and point of arrival.
To limit the risk of such security breaches, encryption of voice traffic is essential. But what form should this take? While many solutions offer media encryption, the scrambling of the actual voice conversation, very few provide signaling encryption to protect the call setup and teardown. In order to maintain total security, everything within the network must be encrypted. Protection is needed wherever there are media and signaling flows between two IP phones, between IP phones and media gateways, and between the core communication server and all other network nodes. One solution is to install hardware in front of the communication server in the gateways and use encryption-optimized firmware in the phones.
An advantage of this hardware-based solution is that it has no impact on voice communication quality. Software-based solutions, which are the market norm, leverage the processing power of the CPU and necessarily increase CPU and memory utilization and thus reduce the system’s call-handling capacity. Furthermore, such a solution demands an additional 20 to 30 milliseconds of encryption and decryption time. If this is added to the delay brought about by an inter-European call (about 140 milliseconds), for example, the total delay produces a noticeable degradation in voice quality.
Although IP telephony can provide many benefits, it is important to keep in mind the potential risks involved. By choosing the right solution, companies can ensure security while maintaining an effective communication system.
© 2008 Telecom Reseller. All Rights Reserved.