Wiretapping phones is not something that most of us worry about. While it has always been possible, phone calls are routed over a closed network and in most jurisdictions monitoring these networks requires some legal authority. Most of us take the realistic view that our conversations are not sufficiently important to attract attention.
VoIP changes all of this. VoIP runs over public networks which are open to unauthorized monitoring, all it takes is a packet sniffer downloaded from the Internet. The threat does not stop there, a number of other security threats enable call monitoring, and as we all know, legal restrictions have done nothing to control Internet threats.
The risk of unauthorized call monitoring on a VoIP network is much higher than on the standard phone system. There are two parts to all VoIP calls, the call set-up and the call data (audio stream), both subject to monitoring. Monitoring call setup provides details of who called who, certainly something you would want to keep private during a contract negotiation, and can reveal details that would enable monitoring of the call itself.
BorderWare’s SIPassure SIP Security Gateway solves this problem by encrypting both the call set-up traffic and the audio stream. SIP call setup is encrypted using TLS, the same protocol used to secure access to web sites. Audio stream encryption uses ZRTP, an Internet Draft standard from Phil Zimmermann, creator of the PGP email encryption standard.
Securing both call setup and data by offering encryption services at a perimeter gateway protects call confidentiality. The gateway implementation enables all users, regardless of the type of phone used, to benefit from that protection. All calls between office locations are protected simply by installing a SIPassure at each location, avoiding the expense and management overhead of adding encryption services to individual phones. Additionally, calls to and from individual remote users are protected by enabling the same standards based encryption services in those user’s phones. In both cases SIPassure manages the encryption and decryption of all calls and enables the controlled use of authorized call monitoring and recording.
The flexible encryption services provided by SIPassure enable secured communication between corporate locations and with external partners and advisors such as attorneys and financial advisors while ensuring that any legal or regulatory requirements for call monitoring and recording may still be met. |
