News Stay informed about the latest enterprise technology news and product updates.

Can security concerns put VoIP on hold?

There's no question that security is a major concern when VoIP enters the picture. A recent study by IDC examines whether those concerns could translate to a drop in the VoIP market.

The VoIP market continues to boom, but the party could end if vendors don't wise up to companies' security concerns,...

according to a recent report by research firm IDC.

The report, "Can The VoIP Market Avoid a Security-Induced Stall?," highlights the fact that there is still a fair amount of risk to companies planning to roll out VoIP, and it indicates that the companies that sell these products must address user needs before security concerns cause the market to slip. Risks include more common threats like denial-of-service attacks (DoS), Trojan horses, worms and viruses, and emerging threats like eavesdropping, Spam over Internet Telephony and phishing attacks.

"Security is very clearly on the minds of buyers at all ends of the market, from small businesses to large enterprises," said Abner Germanow, program manager of enterprise networks for Framingham, Mass.-based IDC. "And vendors have to start taking notice."

Germanow recommends potential VoIP buyers examine their risk level before deployment to determine whether VoIP is a viable technology.

"The problem people are having with VoIP is they know security is a major issue, but don't know how to approach it," Germanow said. "Vendors need to spend a lot of time looking at and alleviating these fears or the market could suffer."

For more information

Read why experts at Interop called VoIP a 'moving target'

Check out a VoIP Learning Guide

Many companies know of the common threats to VoIP, but aren't sure what steps to take or products to use to protect against them, Germanow said. Part of that problem is telecommunications workers are usually charged with VoIP deployment with little or no input from security officers or other IT departments.

Vendors, Germanow said, need to prove to potential customers that "Yes, this is secure and here's why it's secure."

Companies should ask two main questions when planning to deploy VoIP, Germanow said. They should question the business value for what they're trying to achieve with VoIP and what inherent risks are associated with it.

"You want the deployment of these technologies to represent a step forward, not a step back," Germanow said. "Security is clearly an inhibitor and customers are worried about it. People are savvy enough to know that what they're buying might not be secure."

Germanow said one good resource for vendors and potential users is the VoIP Security Alliance's Threat Taxonomy, a document made public in October listing all potential threats a VoIP system could be vulnerable to such as DoS or toll fraud. Germanow said the taxonomy is an encouraging sign that users are no longer buying into perceived security.

"VoIP is growing rapidly, but the real challenge is to evolve from a technology companies are playing with to something they can depend on. They have to weigh whether they're deploying it because it costs less or because it's better," Germanow said.

"The bottom line is, yes, the market can avoid [a stall], but not unless people start paying attention."

Dig Deeper on VoIP QoS and Performance

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.