The security group formed to combat threats to Voice over IP (VoIP) services has finalised its blueprint for the future of VoIP security and doubled its membership within two months.
Among its first projects will be to develop a classification and glossary of threats and define security requirements of VoIP.
The Voice over IP Security Alliance (VOIPSA) plans to raise awareness and catalogue security problems associated with VoIP. Last month SC reported the group was forming, this week, it has detailed both its membership and its perceived role.
“There is an urgent, and immediate need for VoIP security,” said David Endler, Chairman of VOIPSA and director of security research at intrusion prevention company TippingPoint. “VoIP introduces new requirements on existing data networks, quality of service, reliability and privacy. It only takes one big attack to stop the adoption of technology.”
Since its initial launch in February membership of the group has doubled with members including PricewaterhouseCoopers, Samsung and VeriSign.
Alongside chairman David Endler, the secretary is Jonathan Zar of Sonicwall and the treasurer Anne Coulombe of Enterasys. Endler believes it is vital to tackle VoIP now, because the technology is already displaying known vulnerabilities.
“VoIP inherits traditional data network vulnerabilities, the same vulnerabilities that threaten all electronic security,” he said. “VoIP-specific vulnerabilities have been discovered in VoIP protocols like SIP and H.323.”