Look in the mirror: those bags under your eyes, that sallow skin, the haunted look. You must work in IT. Between keeping the network running and dealing with hackers, slackers, and clueless managers, it's a wonder you get any rest at all.
But if you think you're losing sleep now, just wait. A batch of new problems is about to make a good night's sleep even more elusive. Nightmare scenarios include VoIP security breaches, scary data leaks, rogue software infestations, configuration calamities, and creepy compliance concerns. By all accounts, there's good cause to sleep with one eye open.
Things That Go VoIP in the Night
In November 2004, Edwin Andres Pena allegedly paid suspected computer hacker Robert Moore $20,000 to steal more than 10 million minutes of VoIP telephone service so Pena could resell them to unsuspecting customers. But the hacker didn't attack Vonage or any of the second-tier VoIP providers. He went after an investment firm in Rye Brook, N.Y., which had no clue its network had been hacked.
As enterprises increasingly replace segments of their traditional phone systems with VoIP, they put themselves at risk for what Covergence CTO Ken Kuenzel calls "phone flu" -- attacks that target weaknesses in the Session Initiation Protocol that VoIP applications employ.
"The problem is we've not yet applied the same security principles and models to the SIP protocol that we have to HTTP and SMTP," says Kuenzel, whose company sells VoIP security solutions. "It's a situation where systems are vulnerable to all sorts of attacks and intrusion."
 Click for larger view. |
"With VoIP, it's significantly easier to disrupt communications from remote locations," says Richard Telljohann, manager of security software at IBM Tivoli. "The same worm that takes out your e-mail system can also take out your phones."
WorldxChange, a New Zealand VoIP provider, uses Covergence's Eclipse software to secure VoIP service for its commercial and residential customers. Many IT pros fail to take into account the complexity of VoIP deployments, says Phillip Moore, operations manager for WorldxChange. He says they don't pay enough attention to signaling and media security, port restrictions, firewall rules, account access, and provisioning information.
"If IT managers want to sleep better at night, they need to apply the same security practices to voice that they have to e-mail and Web traffic," Kuenzel says. "They know what to do and how to do it, they just need to deploy products that bring these new apps in line with their tried-and-true security models."
The Data Leak Under the Bed
Get the independent advice and expertise you need to support a virtual workforce.
The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.
Download now »
Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.
Download now »
A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.
Download now »
Sign up to receive Networking Resource Alerts
Recommend This
