Voice over IP Security

Much ink has been spilled over the vulnerabilities created by running voice traffic over data networks. But smart CSOs are, in fact, going to use voice over IPand similar forthcoming technologiesto their benefit.

March 01, 2005 — CSO — When Bernalillo County in New Mexicohome of the city of Albuquerquecommitted to a new courthouse, the designers naturally wanted to build the most secure facility possible. But for courthouses, security is defined as including both the integrity of the physical structure (the assault on the Murrah Federal Building in Oklahoma City has made structural robustness a must-have feature) and the reliability of the personnel mobilization system. Unfortunately, it wasn't clear that Bernalillo County could have both.

Improving mobilization meant establishing a guaranteed connection to security personnel, one that could not be cut and one in which calls always reached the intended person quickly. Improving physical security meant lots of metal and concrete. Portable phones were an attractive and probably essential solution for the mobilization problem. But the materials used to solve the physical security issue played havoc with the frequencies used by wireless phones, causing missed or dropped calls.

The designers found a way of reconciling this conflict with a new technology called voice over wireless IPsending telephony over a wireless local area network (LAN). Since wireless routers are cheap (relative to configuring wired networks), they were able to position a new access point anywhere the physical structure imposed an interference problem. After some experimentation ("Can you hear me now?"), they arrived at a communications system that was both seamless and ubiquitous, without having to sacrifice the robustness of the building itself. And according to Paul Roybal, CIO of the Metro Court, the system is also used to support the "telepresence" of defendants at routine court hearings, thus increasing security by reducing transportation requirements as well.

When VoIP (not just the wireless kind) first became a leading enterprise technology fad, many security professionals refused even to let the technology through the front

door. From a security point of view, there was not that much wrong with plain old telephone service (POTS). Moving telephony onto the network would just make the application vulnerable to the usual network threats: viruses, worms, spam. And VoIP vendors kept hyping the technology as the poster boy for "convergence," which to a network security person is just a fancy word for "single point of failure" or "putting all your eggs in one basket."

However, smart use of encryption and redundancy can go a long way toward mitigating those risksmore on that later. More significant, the Bernalillo Metro Court illustrates the beginning of a more advanced development: using VoIP as a tool to further the security agenda, instead of complicating it.Boon, Not BaneThe potential is clearly there. The freedom to move phones freely and flexibly around a building without calling a contractor is as good for a CSO as it is for a CIO. At least in theory, VoIP simplifies the management of many pro-security trickssuch as encrypting both the message and the address; logging a long list of usage details; utilizing fine-grained resource assignments (according to Roybal, the Metro Court installation can assign communications from jurors, lawyers, judges and security personnel to different traffic priority levels); and last but not least, tightly integrating with the rest of the security infrastructurefrom a point that can be both centralized and mobile. Since legal decisions have held that companies own the data on their IP networks, it is probably even allowable to record all VoIP traffic for use in future investigations.