It’s no surprise that more and more businesses have discovered the benefits of migrating to a VoIP phone system and are adopting the technology at impressive rates. In fact, Infonetics (News - Alert) forecasts a healthy seven percent CAGR for worldwide business VoIP services from 2012 to 2017.
With increased adoption comes awareness about the pros and cons of VoIP solutions, including security risks. IT World Canada recently spoke to a round table panel of IT executives about their attitudes toward VoIP phones, softswitches and related equipment with a focus on potential security issues. Canaccord, an investment firm focused on wealth management, switched to VoIP nine years ago and has been very happy with that decision. But according to Ned Zecevic, vice president of information systems, the firm is aware that VoIP opens the door for greater risk exposure than traditional phone systems.
“We have never had any issues on VoIP where we needed to have more security,” said Zecevic. “I think at this point, it’s a very solid system.” One of the main benefits of VoIP for Canaccord Is the ability to centralize and manage phone systems from one location. However, with an increasing number of employees working remotely and the popularity of BYOD, security risks are definitely introduced and need to be managed.
Eric Boehm, a partner at law firm Borden Ladner Gervais, which specializes in IT issues, added that many workers mistakenly believe voice mail and phone conversations are less prone to security breaches than email and file transfers across a corporate network. But when VoIP enters the picture that changes things and creates massive legal liabilities that need to be addressed.
“There are no particular rules based on privacy laws, but the law does say you have to take reasonable safeguards (to protect personal information),” said Boehm. “As we have more security breaches in organizations, the standard for what is reasonable is going up. There’s considerable liability if you don’t meet that standard.”
To get around some of these issues, Avaya (News - Alert) Canada encourages executives to treat voice applications as distinct from data applications, as well as securing voice traffic separately Session border controllers (SBCs) are a major asset for managing traffic and enable it to be captured, prioritized and analyzed.
“A big part of this is doing a network assessment to make sure your network will support the voice traffic you’re generating,” said Aldo Fazzalari, sales engineering director at Avaya Canada. “Do you have holes in ports, in your firewalls? That strikes at the heart of a change from legacy voice technology to new technology like VoIP.”
Edited by Alisen Downey