Mobile security improving, but VoIP is 'a danger'

As more service providers embrace encryption and VPNs, analysts believe mobility now offers greater security. But voice-over-IP is said to be bringing new challenges
Written by Dan Ilett, Contributor

Security standards for mobile computing and telephony have recently improved, analyst group Gartner claimed on Monday. But while service providers have strengthened the security of mobile Internet and email connections, customers are going to have to pay extra for it.

"Security obviously cannot be ignored," said Nick Jones, a research vice-president for Gartner. "But you can worry less — so long as you are willing to pay, for it security can be achieved."

Jones said that a variety of advances in areas such as encryption and virtual private networks — and better management strategies — were helping businesses secure their networks more effectively.

"The argument used to be 'can I get it?'," he said. "The answer is now 'yes'. So the argument comes down to price."

Jones, who gave a keynote speech at Gartner's Wireless and Mobility Summit on Monday, said that mobile computing was becoming an increasingly important issue for IT bosses to consider.

"Mobility is one of the top priorities for CIOs," he said. "If you are a CIO, I hope you have a wireless strategy because your peers will have one."

The Summit also heard that VoIP products such as Skype were likely to drive down mobile phone costs, as some companies are now encouraging staff to use VoIP for long-distance calls.

Jones, however, warned that VoIP services pose a threat to corporate security because they require some ports on the firewall to be left open, which can give hackers opportunities to penetrate a network.

"There are lots of concerns about security on VoIP," said Jones. "Your security people may not realise they are opening their network. You can't use deep packet inspection. You just have to open up ports and hope everything is okay."

Last month, the head of information security for the Royal Mail warned that VoIP applications will expose companies to hackers and malicious code if not implemented correctly.

David Lacey, director of information security for the Royal Mail Group, said last month that he expects a widespread IT security incident to occur in the next two years, possibly as a result of companies hastily moving to VoIP.

Editorial standards