Thus, the telecom service provider has issued a warning today saying that some consumer VoIP products are using a peer-to-peer (p2p) models resulting in bandwidth being used to carry other individuals’ voice and data traffic without the user’s consent or knowledge.

It said that such applications were designed to bypass firewall restrictions by emulating a web browser.



This can spell trouble on corporate network as it makes the VoIP packets difficult to monitor, identify and audit.



Thus suggests certain measure can be taken by business that can protect them from such VoIP associated vulnerabilities.



It suggested the following measure that can be adopted by the companies



1. Make the employees aware regarding VoIP security and emphasize the risk it can put on a business.

2. Lock down desktops or certain drives to restrict user’s ability from installing applications.

3. Regularly monitor devices and traffic flows for unknown or unexpected activity.

4. Include VoIP applications in the list of applications that may not be appropriate for employee use (acceptable use policy).





Thus said that the company should try doing the following if a business allows consumer VoIP packages to be downloaded:



1. Ensure that anti-virus applications are installed on all desktops and that they are kept updated to the latest virus definations.

2. VoIP application should be managed with the same zeal as if it is a supported business application.

3. Specific applications should be thoroughly tested and included in the list of applications that are tested, recognized and installed for employee usage.





Via: vnunet Thanks