One example of a real threat to security i
Posted: Sun Jan 19, 2025 6:01 am
Conversely, the US Federal Deposit Insurance Corporation (FDIC) now publishes specific guidelines for VoIP which seeks to protect any customer data which travels in IP voice-networks under the Graham Leach Billey regulations. The risks that are associated with the use of VoIP must be evaluated along with other periodic business risk assessments according to this advice. Any weaknesses must be corrected as soon as they are identified and another nine recommendations are listed for organisations to comply with.
s described by a mexico telegram VoIP industry insider as follows. A client who suspected that eavesdropping was taking place decided to plant falsified information within VoIP calls to observe whether it was later referred to by the parties he suspected were listening. It transpired that the VoIP calls had been tapped by a third party which had access to the corporate network. There is another example often cited where the video communications of a CEO were illicitly accessed.
Voice termination – the future
Some business leaders try to educate themselves in order to keep in step with the regulations but this is notoriously difficult to do. Many others overlook VoIP completely, considering it to be ‘just’ an invulnerable phone system. As regulations become more complex, businesses will be forced to address their VoIP compliance head-on, possibly by investing in internal structures to monitor and implement them or by paying for the services of a third party expert.
The tasks can quickly become overwhelming for an average sized IT department, who as well as complying with the regulators’ demands and producing compliance reports every quarter, may also have security verification demanded as part of other contracts. Businesses that routinely record their VoIP calls will need to consider the regulations in terms of storing them, in the event that conversations should be illicitly accessed.
It is a good idea to respond to details of published attacks by comparing the systems involved with your own in order to scrutinise defences. Could you have stopped a similar attack occurring? If the answer is no, it will be necessary to take further action. However, the opportunity to learn from others’ misfortunes is limited because there is no incentive for companies to disclose if they have suffered a breach.
Here at IDT we are a businesses that can take advantage of the services of consultants and other specialists and have a proven track record in deploying VoIP solutions.
s described by a mexico telegram VoIP industry insider as follows. A client who suspected that eavesdropping was taking place decided to plant falsified information within VoIP calls to observe whether it was later referred to by the parties he suspected were listening. It transpired that the VoIP calls had been tapped by a third party which had access to the corporate network. There is another example often cited where the video communications of a CEO were illicitly accessed.
Voice termination – the future
Some business leaders try to educate themselves in order to keep in step with the regulations but this is notoriously difficult to do. Many others overlook VoIP completely, considering it to be ‘just’ an invulnerable phone system. As regulations become more complex, businesses will be forced to address their VoIP compliance head-on, possibly by investing in internal structures to monitor and implement them or by paying for the services of a third party expert.
The tasks can quickly become overwhelming for an average sized IT department, who as well as complying with the regulators’ demands and producing compliance reports every quarter, may also have security verification demanded as part of other contracts. Businesses that routinely record their VoIP calls will need to consider the regulations in terms of storing them, in the event that conversations should be illicitly accessed.
It is a good idea to respond to details of published attacks by comparing the systems involved with your own in order to scrutinise defences. Could you have stopped a similar attack occurring? If the answer is no, it will be necessary to take further action. However, the opportunity to learn from others’ misfortunes is limited because there is no incentive for companies to disclose if they have suffered a breach.
Here at IDT we are a businesses that can take advantage of the services of consultants and other specialists and have a proven track record in deploying VoIP solutions.