A Discussion of Business and IT Challenges

Home > Support > A Discussion of Business and IT Challenges

Voice over IP A Discussion of Business and IT Challenges

Consultants have learned from previous migrations that leaving both phones in place contributes too much longer learning curves and allows for end-users to resist embracing the new technology. The end-users’ learning curve can further be enhanced with formal training with delivery via live instructor-led classes, web broadcasts, or computer-based interactive training.

The Security Challenge

Security vulnerabilities when deploying VoIP in an organization is one topic that vendors do not like to talk about. The reason is simple; in most cases, it has not been addressed. As companies put voice on their data network, all of the weaknesses that exist in their data networks also become weaknesses in their voice networks. The availability of telecommunication resources can be crucial to businesses and in some cases it is more important than their data networks. Security is typically classified into three sections known as CIA (Confidentiality, Integrity, and Availability). With voice traffic going on the same network as data, confidentiality can easily be lost through the use of a “sniffer” (a network monitoring tool that captures data packets and decodes them) by an attacker. An attacker can tap into a switch or a router to capture voice traffic packets and use an open-source packet sniffer such as Vomit (http://vomit.xtdnet.nl/ ). Vomit is a tool that allows an attacker to convert sniffed voice traffic into a wav file and listen to telephone conversation. While system administrators have to worry about malicious attempts to sniff their networks, they may also have to allow their networks to be sniffed in the future. The FBI is currently pushing legislation and developing software to sniff VoIP networks as they currently have no ability to do so. They consider not having the ability to sniff voice networks a domestic security risk. If legislation passes Congress, system administrators may have to allow the very sniffing they are trying to protect their networks from. 10 Furthermore, since IP telephony systems can record a detailed call history, an attacker can gain access to this call detailed records (CDR) database and retrieve confidential telephone records. Many voice applications which have been written to provide advanced high-productivity functionalities that have little or no consideration for security. These poorly written applications

Copyright 2005 Cliconnect.com. All Rights Reserved	LEGAL PRIVACY POLICY CONTACT US
Cliconnect is a private company with branches in Canada and Brazil. Cliconnect uses high-quality VoIP technology to offer Internet Telephony services for business and residential customers. Cliconnect supports a wide range of Internet telephony equipment including Sipura 2000 and 3000, Cisco 186, Linksys PAP2 and RT31P2 phone adaptors.