Original URL: http://www.theregister.co.uk/2006/04/27/infosec_voip_debate/

Security pros give VoIP the brush-off

V for vulnerability

By Christopher Williams

Posted in Security, 27th April 2006 11:05 GMT

Infosec Delegates at Infosec gave a resounding dismissal to a motion supporting VoIP deployment. The debate, “this house believes that the business advantages of VoIP outweigh the security concerns” ended in a fairly unanimous thumbs down, which implied security professionals don't think the technology is ready for big money corporate rollouts.

The proposers of the motion, a pair of technology consultants, said the cost benefits from switching to VoIP were great enough to make tackling the vulnerabilities head-on worthwhile. The sandwich technicians of Pret A Manger are saving themselves £10,000 per month on their communications spend having made the leap, they said.

The opposing pair, from investment banks, successfully argued that putting all their communications eggs in an IP basket is too risky at the moment.

Trial schemes and small deployments are absolutely relevant now, but piling the whole banking infrastructure on top of VoIP while still a toddler of a technology would be too much of an invitation to ne'er-do-wells, they said. Hacking traditional telephony is simple enough, but the difference with VoIP is that the attacker can be anywhere on Earth.

The feeling in the room was that VoIP needs time to crystallise as a technology. Genuine return-on-investment benefits, which will tip the debate in VoIP's favour (like a fully integrated communications desktop to increase productivity), are still further down the road.

In the meantime, it seems there's plenty of capital to be made from a burgeoning cottage industry in VoIP consultancy. ®