Small firms have big worries over VoIP

Small and medium-sized businesses (SMBs) remain very concerned about IP telephony security, new research has claimed.

A report conducted by IDC for the Computing Technology Industry Association (CompTIA) reveals that only half of smaller firms trust the security offered by IP telephony vendors.

The findings of the poll of 350 SMBs (500 or fewer employees) represented only a slight improvement from a year ago, when 48 percent said that they trusted IP telephony security.

But IP telephony still lags behind traditional telephony systems (82 percent), Ethernet data networks (72 percent) and wireless local area networks (60 percent) in the security confidence levels of SMBs, according to the research.

"People are much more sensitised to disruptions in voice communications than they are with data communications," said John Venator, president and chief executive at CompTIA.

"If the delivery of an email is delayed by 30 seconds, neither the message sender nor the receiver is likely to notice. But a 30-second gap in the middle of a phone call is another story entirely."

Venator added that even a brief interruption in voice service can have disastrous consequences for an organisation in lost business, downtime, customer dissatisfaction or negative publicity.

"That is why it is incumbent on IP telephony vendors and solution providers to place security at the forefront of their offerings, and not leave it as an afterthought," he said.

The report noted that, when IP telephony and related technologies were in their infancy with relatively few deployments, hackers and criminals had little interest in attacking these networks.

But as the technology has gained broader acceptance in the business and consumer markets, new and ever more sophisticated security threats have arisen.

The same types of attacks that plague the data environment, such as viruses, worms and Trojan horses, can also affect an IP-based communications environment as well, the study warned.

"Because voice and data communications are running on the same infrastructure, the entire availability of the IP network could be compromised, putting at risk an organisation's ability to communicate via either voice or data," stated the report.

"If security considerations make the quality of IP telephony unacceptable, it becomes a barrier to conducting business.

"The organisation's IT department must be vigilant and aware of new and changing threats to IP-based communications systems."