Caution urged for switch to internet phones

January 26, 2005

Federal agencies and other organizations that are considering switching their telephone systems to Voice Over Internet Protocol (VOIP) should proceed with caution and carefully consider the security risks, says a recent report* by the National Institute of Standards and Technology (NIST).

VOIP is an important emerging technology that makes it possible to place telephone calls using a broadband Internet connection rather than traditional, circuit-based telephone lines. While it shows promise for lower cost and greater flexibility, VOIP has a very different architecture than circuit-switched telephony, and these differences result in significant security issues.

"Administrators may mistakenly assume that since digitized voice travels in packets, they can simply plug VOIP components into their already-secured networks and remain secure. However, the process is not that simple," says the NIST report. Implementing common security measures into VOIP, such as firewalls and encryption, can cause poor voice quality and blocked calls if not done carefully and with the proper equipment. Designing, deploying and securely operating a VOIP network is a complex effort that requires careful preparation, says the report.

NIST recommendations to help in the transition to secure VOIP include: develop appropriate network architecture, including separate voice and data networks where feasible and practical; ensure that the organization can manage and mitigate risks to their information, system operations, and continuity of essential operations when deploying VOIP systems; use and routinely test the security features included in VOIP systems; update VOIP software regularly and frequently; and, since worms, viruses and other malicious software are common on PCs connected to the Internet, do not use "softphone" systems that implement VOIP using a PC with a headset and special software.

*D.Kuhn, T. Walsh, S. Fries, Security Considerations for Voice Over IP Systems, NIST Special Publication 800-58, is available at

Source: NIST

Explore further: New research shows vulnerability in mobile phones' applications offering voice communication security

Related Stories

AOL says to sell 800 patents to Microsoft for $1.0 bn

April 9, 2012

AOL announced plans to sell more than 800 patents to Microsoft in a $1.056 billion deal giving the struggling Internet pioneer a needed cash injection as it seeks to fend off pressure from shareholders.

Recommended for you

Horn of Africa drying ever faster as climate warms

October 9, 2015

The Horn of Africa has become increasingly arid in sync with the global and regional warming of the last century and at a rate unprecedented in the last 2,000 years, according to new research led by a University of Arizona ...

What are white holes?

October 9, 2015

Black holes are created when stars die catastrophically in a supernova. So what in the universe is a white hole?

Could 'The Day After Tomorrow' happen?

October 9, 2015

A researcher from the University of Southampton has produced a scientific study of the climate scenario featured in the disaster movie 'The Day After Tomorrow'.

A mission to a metal world—The Psyche mission

October 9, 2015

In their drive to set exploration goals for the future, NASA's Discovery Program put out the call for proposals for their thirteenth Discovery mission in February 2014. After reviewing the 27 initial proposals, a panel of ...

Scientists paint quantum electronics with beams of light

October 9, 2015

A team of scientists from the University of Chicago and the Pennsylvania State University have accidentally discovered a new way of using light to draw and erase quantum-mechanical circuits in a unique class of materials ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.