The VoIP market continues to boom, but the party could end if vendors don't wise up to companies' security concerns, according to a recent report by research firm IDC.
The report, "Can The VoIP Market Avoid a Security-Induced Stall?," highlights the fact that there is still a fair amount of risk to companies planning to roll out VoIP, and it indicates that the companies that sell these products must address user needs before security concerns cause the market to slip. Risks include more common threats like denial-of-service attacks (DoS), Trojan horses, worms and viruses, and emerging threats like eavesdropping, Spam over Internet Telephony and phishing attacks.
"Security is very clearly on the minds of buyers at all ends of the market, from small businesses to large enterprises," said Abner Germanow, program manager of enterprise networks for Framingham, Mass.-based IDC. "And vendors have to start taking notice."
Germanow recommends potential VoIP buyers examine their risk level before deployment to determine whether VoIP is a viable technology.
"The problem people are having with VoIP is they know security is a major issue, but don't know how to approach it," Germanow said. "Vendors need to spend a lot of time looking at and alleviating these fears or the market could suffer."
Vendors, Germanow said, need to prove to potential customers that "Yes, this is secure and here's why it's secure."
Companies should ask two main questions when planning to deploy VoIP, Germanow said. They should question the business value for what they're trying to achieve with VoIP and what inherent risks are associated with it.
"You want the deployment of these technologies to represent a step forward, not a step back," Germanow said. "Security is clearly an inhibitor and customers are worried about it. People are savvy enough to know that what they're buying might not be secure."
Germanow said one good resource for vendors and potential users is the VoIP Security Alliance's Threat Taxonomy, a document made public in October listing all potential threats a VoIP system could be vulnerable to such as DoS or toll fraud. Germanow said the taxonomy is an encouraging sign that users are no longer buying into perceived security.
"VoIP is growing rapidly, but the real challenge is to evolve from a technology companies are playing with to something they can depend on. They have to weigh whether they're deploying it because it costs less or because it's better," Germanow said.
"The bottom line is, yes, the market can avoid [a stall], but not unless people start paying attention."