IP Telephony and SMBs: A Question of Security
Though the IP telephony quality issues that had concerned SMBs have largely been solved, more than half of these are still wary of IP telephony security issues, according to a new study by the Computing Technology Industry Association (CompTIA). The research on security concerns is contained in a study on a variety of telecommunications and data conversion issues.
The survey of 350 companies with 500 or fewer employees found that just 50 percent of those businesses trust the security offered today by IP telephony product and solution vendors. That's a slight improvement from a year ago, when 48 percent of those surveyed said they trusted IP telephony security. But IP telephony still lags behind traditional telephony systems (82 percent), Ethernet data networks (72 percent), and wireless local area networks (60 percent) in the security confidence level these businesses have, according to the CompTIA survey.
"We were surprised that the figure was still that high," says Steven Ostrowski, a spokesman for CompTIA. "IP telephony still has a bit of newness for these companies, so they're not too sure about the security. Another concern is that hackers had left these systems alone before because there wasn't much value. Now the amount of information that they can get is more plentiful, so even the smallest businesses are susceptible to an attack."
The same types of attacks that plague the data environment--viruses, worms and Trojan horses--are a few examples that can impact an IP-based communications environment as well. Because voice and data communications are running on the same infrastructure, the entire availability of the IP network could be compromised, putting at risk an organization's ability to communicate via either voice or data. If security considerations make IP telephony unacceptable, it becomes a barrier to conducting business. The organization's IT department must be vigilant and aware of new and changing threats to IP-based communications systems, Ostrowski says.
"People are much more sensitized to disruptions in voice communications than they are with data communications," adds John Venator, CompTIA president and CEO. "If the delivery of an email is delayed by 30 seconds, neither the message sender nor the receiver is likely to notice. But a 30-second gap in the middle of a phone call is another story entirely.
"Even a brief interruption in voice service can have disastrous consequences for an organization, in lost business, downtime, customer dissatisfaction, or negative publicity," Venator says. "That's why it is incumbent on IP telephony vendors and solution providers to place security at the forefront of their offerings, and not leave it as an afterthought."
Data Security and Terrorism Are Top Executive Concerns
Security Costs E-Commerce $2 Billion in '06