Voice over Internet Protocol (VoIP) has been in use for over 15 years, and quality of service (QoS) issues have rooted out many of the initial problems and concerns related to the technology. Your clients may still have questions about security, and finding out just how easy it is for someone to listen in on a VoIP call.
One question to evaluate when considering the security of a VoIP system is the overall security of the IP infrastructure. Your client’s voice packets are no more and no less secure than any other data that travels over their Internet lines.
The overall growth of VoIP is expanding, with companies no longer viewing it as tomorrow’s innovation, but rather as a logical step in a technology approach that views collaborative communication as a central objective in a business plan. In this approach, there are several security areas that come up in the transition to VoIP:
Voice over Ethernet: Some companies have concerns that with voice packets traveling over the Ethernet that anyone will be able to listen in on a conversation. This might be true if the calls were not being conducted from two endpoints with those voice packets available only to those two points. All Ethernet traffic is switched, so unless someone has access to the physical cabling, they can’t access the conversation.
Voice over Internet: If your client is using cloud technology in any of their applications, they are already transmitting critical data over Internet lines that is likely to be much more sensitive than information being exchanged in a phone conversation. They could limit their voice-over-Internet communications to internal business, but in doing so they could be missing out on important cost savings and innovations that improve efficiency.
Packet sniffing: Packet sniffing might be a concern in a VoIP system, but it’s much harder than listening in on a traditional phone system. In order to get access to a conversation with VoIP, the intruder would first need physical access to the packets through the corporate backbone network or the switches. Remember that system data is available in these same places, which is more highly sensitive than voice packets.
Once an intruder has physical access, they still need to get to the voice packets in a protocol stack, know their physical location, and then decode them to find a single flow between two points. After that, there are still two or three more levels of decoding, and all of this must be done in real time.
If you have clients that question the security of VoIP, it’s important to remind them that their voice transmissions are less critical than other types of information that could be stolen, and work with them to ensure that their overall security approach is robust and regularly examined. Verizon’s VoIP infrastructure is equipped with fraud detection and alerting for added piece of mind.
To find out more about the benefits of using VoIP, talk with eXemplify, a Verizon Platinum Partner. We are a master agent that can help you talk your clients through their security concerns and the improvements they can expect with a VoIP system.