Over 90% of computer phones (VoIP) are not secure because they use a public known codex (publicly known encryption of sound packets) and a publicly known protocol to transport voice conversations. Therefore, users of these type of services are unknowingly exposing themselves to anyone who wants to listen in or access their confidential information. In addition, because of the public openness, the user's computer's vulnerability can result in a costly computer crash and total loss of all information.
Peer-to-peer computer phones are on unsecure lines.
There are five areas to address when checking for Security when looking for a VoIP Service Provider. Here's how a VoIP Service should protect your security, whether on dial-up, wireless, satellite, or cable connections.
1. Call Security: A VoIP service's audio (your voice) should compress your voice into proprietary encryption packets to travel across the internet, and return back to voice at destination. That particular VoIP service should host proprietary software, and as such, the only one that can interpret the voice and data contained in those packets.
2. Computer Phone Identity: When your first download and install a VoIP provider's computer phone, a confidential phone number and password should be given to protect against unauthorized installation. To protect against unauthorized installation, your computer phone's setup process should combine the phone name and hardware data from the PC on which it was installed to create a unique ID string known only to that VoIP's own server. Because of the association between the unique ID with that particular PC, it prevents one person from reconfiguring their VoIP service's computer phone to spoof another. It also prevents someone from copying that VoIP service's software to another PC and then using it without having gone through the password-protected installation process.
3. Client Server Model: The VoIP service should follow a client-server model. The client is the softphone offered by a particular VoIP service. That particular VoIP service's Server should be behind a highly secure proprietary firewall hosted in a professional facility. Any information shared should therefore only be between the client and server of that particular VoIP service. This means, that unlike some peer-to-peer solutions, private information about "buddy" lists or call patterns, etc., remains entirely confidential.
4. Softphone Setup: Firewalls vary widely and each network configuration may be quite different. When a VoIP service's softphone first initializes, it discovers its ability to reach that VoIP's service server, as well as a variety of ports and protocols for placing calls, depending on the results of its discovery. In a strict environment, the VoIP service's softphone uses the same path the proprietary firewall already permits for web browsing (typically TCP ports 80 and 443). This allows users to make calls from anywhere without compromising or reconfiguring their own firewalls.
The VoIP service's softphone should be able to initiate conversations with that VoIP service's server and keep the server updated as to its status. By doing this, no public IP address needs to be setup for the PC running the computer phone. It also enables user flexibility without concern about security or privacy when moving from network to network. The VoIP service's computer phone should be compatible with Network Address Translation (NAT) and Port Address Translation (PAT), and the kind of dynamic addressing that is found in wireless "hotspots", hotel internet access, and dial-up.
5. Monitoring Capability: A strong security model should include an auditing mechanism to monitor usage and activity. This means that each computer phone should include its own usage log, enabling users to look through their own personal history of inbound, outbound, and missed calls. In addition, the VoIP service's website should provide users the ability to view all individual phone call charges using the already set up confidential number and password.
By Dee Scrip and her close friend Andy Murray
Jumat, 11 Juli 2008
The Single Most Important Thing to Know About Computer Phones (VoIP)
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar