A Call for Discretion

How voip is changing the art and architecture of telephone security.

In The Good Shepherd (don't worry, I won't spoil the movie for you) Matt Damon's character, Edward Wilson, receives a phone call one evening at his residence. Upon answering, Edward flips a switch at the base of the phone and a red light is illuminated to indicate that for the remainder of the call a secure session has been established. The reason for creating the secure connection is to ensure that entities who may have access to the circuit-switched network will not have knowledge of the discussion, should they be listening.

From operator-controlled plug boards and automated telephone switches on the public switch telephone network (PSTN) to voice over Internet protocol (VoIP) systems, telephony innovation continues. On the PSTN, a select few telecommunications firms control the circuits, or telephone lines, which has led to a general consensus that the PSTN is a relatively secure communication environment. Unless of course you have discussions of a sensitive nature, including the classified world, as Edward did. Enterprises have realized cost savings by bringing internal call control under their own management using a private branch exchange (PBX). When calls need to be routed outside the PBX-controlled space, enterprises engage the services of the telephone carriers.

With the introduction of VoIP, voice communications have moved from the controlled network environment of the PSTN onto the Internet (and from the PBX space to the, formally data only, Intranet). The use of VoIP introduces new vulnerabilities and threats. When approaching enterprise risk management for VoIP deployments there are two generally opposing views. The first is that VoIP should be treated as data traversing the network, while the second feels that there are tremendous vulnerabilities and threats related to voice. Proponents of the latter believe there should be a separation of the voice and data traffic, even to the point of deploying an additional physical infrastructure to carry voice.

A more realistic view is somewhere in between. Exactly where is for each enterprise to decide, but each requires a secure architecture (unless you want your employees eavesdropping on your phone calls and potentially posting your conversations on the Internet). Following the system development life-cycle, including security representation at each step in the process, for a given VoIP deployment can help an enterprise determine the appropriate risk management strategy. An enterprise need not start from scratch. The Voice over IP Security Alliance has published a Threat Taxonomy and is developing security requirements and best practices guidance. Several government entities have developed publicly available security guidance for deploying VoIP systems, including the National Institute of Standards and Technology and the Department of Defense. And don't forget to ask your VoIP equipment suppliers about the security functionality available in their products.

While there may not be a commercially available VoIP-capable phone with a red light to indicate a secure call is in progress (see Phil Zimmerman's latest innovation, the Zfone Project, for potentially the next best thing), your enterprise can create a secure VoIP environment for an increasingly mobile workforce.

The views expressed in this article do not necessarily reflect those of Lockheed Martin Corporation.