Home > Midmarket CIO Tips > Data centers and infrastructure for the midmarket > Converged networks a risky business
CIO Midmarket Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

DATA CENTERS AND INFRASTRUCTURE FOR THE MIDMARKET

Converged networks a risky business


Herman Mehling, Contributor
12.10.2007
Rating: --- (out of 5)


Technology news and tips for Midmarket CIOs
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


Converged networks create security problems unheard of in the traditional, voice-only telecom world.

More on converged networks

VoIP security and converged networks supercast


NAC helps SMBs control network, costs

SMBs' enthusiasm for converged communications swells
Traditionally, calls are sent and received over closed, circuit-switched networks. Security and performance concerns are minimal in that world. Calls rarely get dropped. Eavesdropping on a call only happens if someone has physical access to the dedicated circuit set up between the two endpoints.

But the introduction of Voice over Internet Protocol (VoIP) into a network can have dramatic consequences. Instantly, the once simple and secure voice call is broken up into thousands of far-from-secure IP packets that are sent over public and private networks and re-assembled at the other end. Along the way, the call (and, by extension, the whole network) can be hacked at various points inside and outside the company network.

Common threats and vulnerabilities

In a converged network the threats against data remain unchanged, yet their reach is wider. For example, a denial-of-service (DOS) attack against a router can also damage phone communications.

In a converged network the threats against data remain unchanged,
yet their reach is wider.
As many VoIP protocols are open source -- notably, the Session Initiation Protocol and H.323, the two most widely used –- it's easy for hackers to get copies of them and launch attacks. While open source applications and protocols are (arguably) more secure than proprietary ones, they are not invincible.

Operating system (OS) threats come into play because a lot of call-processing software runs on Windows or on open source operating systems. Hackers attack Microsoft products every hour of the day and are increasingly turning their attention to the open source world. Viruses, worms, Trojan horses and spyware, originally intended to steal and corrupt IP data, can ruin the quality of voice and video communications, too.

One of the weakest points in a converged network is the remote access connection from a home-office or road warrior's computer. The connection can become the pinprick-sized hole in the firewall that allows hackers to unleash viruses, spyware and other destructive attacks. The security consequences include data theft, privacy violations and breaches in regulatory compliance.

Protecting your converged network

Faced with the above threats and vulnerabilities, the best course of action is to develop a strong security policy that includes multiple layers of protection and covers key issues. This policy should protect the perimeter layer, the network layer, the host layer and the application/data layer. Multiple layers of protection are the best safeguard against the ingenuity and determination of hackers, and against viruses and malware.

Key issues for each layer:

  • Passwords. You need a very strict policy for their usage and how often they are changed. It's good to have long passwords and to change them frequently.

  • Secure access to network equipment. Access to networking equipment has to be tightly controlled. If a router or firewall is penetrated, the network will be at risk. To maximize security, you should use both the secure shell (SSH) and transport security (TLS) protocols, both of which use encryption. SSH allows data to be exchanged over a secure channel between two computers. TLS provides secure Internet communications.

  • Virus protection. Viruses are an every-hour-of-the-day threat, so you need to guard against them vigorously and update virus patterns constantly.

  • Operating system updates. OS intrusions happen all the time, so it's wise to keep abreast of all updates. Your security policy should ensure that all machines are updated speedily.

  • Disaster recovery. It's vital to have a disaster recovery plan -- a single major network intrusion could seriously damage your business, or even bring it down.

If you follow these steps, your small or medium-sized business can enjoy all the benefits of a converged network without putting your network and entire business at risk.

Herman Mehling is a freelance writer based in San Anselmo, Calif. He can be reached at hermanmehling@sbcglobal.net.


Rate this Tip
To rate tips, you must be a member of SearchCIO-Midmarket.com.
Register now to start rating these tips. Log in if you are already a member.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Data centers and infrastructure for the midmarket
Virtualization technology creates hosts of problems for midmarket IT shops
Virtual servers key to consolidated data center
Fixed-mobile convergence saves firms costly mobile phone charges
Virtualization the center of county's 'disaster avoidance' plan
Five tips that could change your data center
VoIP rollout in 10 steps
Energy efficiency within reach at SMBs
Open source and Web site design: Caveat emptor
SAS, blades reshaping the server market
SOA adoption check list

VoIP and unified messaging for the midmarket
Mobile unified communications options for the midmarket
Fixed-mobile convergence saves firms costly mobile phone charges
Unified communications plans should tap CIO
CIOs grapple with tying Wi-Fi, VoIP into unified communications plan
Unified communications: Savvy business move or security meltdown?
Unified communications: Securing access to OCS
Personal digital assistants increase revenues, regulatory compliance risks
Unified communications security: How safe is it?
CIO Joseph Edward: In-house app ties parishes together
CIO Shawn Partridge: Rockford improves communication in the construction world

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Mid-market CIO Business Solutions on Data Integrity, Unified Communications, and Virtualization
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2007 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts