Skip navigation links
About PLDT
Products and Services
Investor Relations
Get Support
  
Skip navigation links
MEDIA CENTER HOME
NEWS ARCHIVES
PLDT.COM > Media Center > PLDT - May06VOIPrelatedSecurity
 

 

 

 

 

ePLDT presents VoIP-related security risks in Powertips confab

(Manila, May 12, 2006) ePLDT, the premier Information and Communications Technology company in the country, recently presented the security risks in the use of VoIP or Voice Over Internet Telephony Protocol during the POWERTIPS conference on enterprise security aimed at raising awareness of cyber security and empowering corporate infrastructure and personal systems to protect themselves from risks.

VoIP, which is rapidly gaining acceptance among businesses, is the technology used to transmit voice conversations over a data network, whether Internet or corporate Intranet, using the Internet Protocol, according to Allan Jay Garcia, Head of Data Security of ePLDT’s Systems Integration Group. VoIP enables a router to transmit telephone calls and faxes over the Internet without loss in functionality, reliability, or voice quality.

Many organizations have considered using VoIP for their business, but are cautious due to risk factors that come with implementing this technology, most importantly, the threats to security.  “There are two main reasons why an attacked would exploit a VoIP system: to hurt the carrier and to hurt the user,” related Garcia.  Hackers can disrupt service by bringing down the system, they can steal the service or damage infrastructure. 

“There’s also the possibility of Identity theft, eavesdropping and getting compromised information; hackers can break down the voice packets from particular transmission and recreate it and transmit it to become a different conversation, or change voice mail or insert words into conversations.”  Garcia also named other forms of attacks, such as exploited media servers and transmission services, as well as IP-inherited virus attacks.

To protect the system from harmful attacks, Garcia advised organizations to ensure that identification, authentication and encryption measures exist in their IPT system.  He also cautioned against the use of the same IP addressing scheme as an organization’s code of network. “Create a different IPT addressing scheme so it’s easier to avoid the misuse of your IPT system and prevent inherent attacks.”  Garcia also underscored the importance of knowing the protocol used by the system and being able to identify the points of attack to ensure that every point, from the operating system down to applications, is safe and have their own defenses.”

 
Lastly, Garcia advised organizations to exercise careful planning before implementing VoIP.  “You have to make sure security systems like identity, integrity and privacy measures are in place,” he stressed.  “There is no single set of protection, whether hardware or software, that would guard against everything forever, so it’s always an advantage to be proactive and vigilant in securing your systems.”

Entitled “Security Secrets and Strategies,” the conference was the biggest gathering of security experts and served as a venue to discuss key issues related to information and network security.
     
     
    About PLDT | Get Support | Contact Us | Sitemap | Subsidiaries                                                                         All rights reserved. Copyright 2008 Philippine Long Distance Telephone Company