Shawn P. McCarthy | If planning on VOIP, plan on encryption, too
Internaut | Commentary: Encryption is a critical part of any voice over IP system
- By Shawn McCarthy
- Sep 08, 2007
Shawn P. McCarthy
Voice over IP has made significant inroads at government agencies during the past few years. In particular, government offices have embraced it as a way to reduce telecommunications and maintenance costs while increasing the functionality of desktop phone systems.
But some offices may not have considered the security issues associated with a VOIP transition.
New VOIP users should be aware that many solutions do not yet support encryption. Open-source systems are available to help identify and intercept VOIP conversations, so it is now a fairly straightforward process to eavesdrop on, or even alter, VOIP calls if a hacker wants to make the effort.
Some VOIP managers have found a partial encryption solution for limited IP-to-IP calls. They use Inline Network Encryptors, which sometimes are in place on networks, to help secure network data traffic. But this only enables secure calls to other IP-enabled phones. It cannot support nonsecure calls, nor can it access non-IP networks. This effectively isolates the phone system from users of traditional systems, making it a limited solution at best.
All government offices, but particularly defense and national intelligence agencies, need secure communications. Older telephone systems can use a pair of secure systems for classified communications: the Secure Telephone Unit and Secure Telephone Equipment systems.
Both provide high-assurance, secure communications, but neither was designed to operate on VOIP networks. They rely on 10- to 20-year-old technology originally designed to operate via analog or ISDN systems. This has prompted development of a new set of products that government communication system managers may want to consider for their networks.
One solution from General Dynamics, called Sect'ra vIPer Phone, enables full encryption of calls from VOIP systems, and it is being evaluated for National Security Agency Type 1 certification for communications devices.
Harris has developed a series of encryption solutions for radio-based VOIP systems and, on the software side, the Zfone project lets you make encrypted calls over the Internet. The principal designer is Phil Zimmermann, creator of the PGP encryption solution.
Government information technology leaders need to consider solutions such as these because of their strong preference for managing systems themselves. When IDC Government Insights recently surveyed VOIP system owners to see who manages the deployment and day-to-day operations of their IP private branch exchange systems, 71 percent of government offices said they manage their systems in-house, and 29 percent relied on third-party management. In contrast, the national average for all industries was 53 percent for third-party and 47 percent in-house management.Shawn P .McCarthy is a senior analyst and program manager at IDC Government Insights. E-mail him at firstname.lastname@example.org.