As I discussed in my recent report: “Key Trends: Contact Centers of the Future,” co
Cisco IP Phone Vulnerability Casts New Light on VOIP Security
Researchers at Columbia University unveiled a security flaw in Cisco IP phone firmware that makes them easily vulnerable to remote eavesdropping, allowing hackers to turn on speakerphones and disable phone lights to secretly listen in on, and/or record conversations. Only direct access to one phone is necessary for a hacker to potentially compromise all phones in an enterprise telephony system.
While Cisco has since offered a patch, it’s likely that the vast majority of Cisco IP phones remain vulnerable as security is typically not a high priority for those managing VOIP systems. Just 39% of companies cite “security” as their primary reason for deploying session border controllers at the interface of their telephony environment with SIP trunking service providers. Far less actively test or monitor their IPT environments for threats and attacks or deploy application specific firewalls to protect against VOIP threats.
ETA Bottom Line: Incorporate active security monitoring and proactive threat protection into your IPT architecture. Stay on top of vulnerability announcements and apply appropriate patches.
- Big Data, Analytics and Virtualization
- Contact Center and Customer Engagement
- Cloud Delivery
- Cost Models and Total Cost of Ownership
- Enterprise Trusted Advisor
- IT Innovation, Transformation, and Enterprise Technology
- Mobile and Network Services
- Security & Compliance
- Unified Communications and Collaboration
According to our most recent benchmark, nearly every enterprises now supports employee use of iPhones and iPads; IT’s hand was forced from consumerization.