February 7, 2005
An initial alliance of over twenty industry leaders has been formed to confront any increased security risks inherent in converged voice and data networks.
Formation of the VoIP Security Alliance (VOIPSA) was announced today. Its mission is to help organizations understand and avoid VoIP security risks through discussion lists, white papers, sponsorship of VoIP security research projects, and the development of tools and methodologies for public use.
Backed by a wide spectrum of organizations represented by universities, security researchers, VoIP vendors, and VoIP providers, VOIPSA is solely dedicated to VoIP security. Chaired by TippingPoint, a division of 3Com, charter members include 3Com, Alcatel, Avaya, Columbia University, Enterasys, Ernst & Young, NetCentrex, SecureLogix, Siemens, Southern Methodist University, Spirent, Symantec, and the SANS Institute.
Enterprises are rolling out VoIP to reduce costs and increase operating efficiencies, but once the decision is made to put it at the heart of their business, companies need to address security comprehensively — at the applications, systems and services layers, according to Alliance members.
VOIPSA grew out of TippingPoint’s formation last year of a VoIP Security Research Lab to discover and analyze VoIP threats and is the culmination of efforts to analyze weaknesses and discover new vulnerabilities through functional protocol testing.
TippingPoint hopes to see VOIPSA use and improve a VoIP security testing tool it developed for this purpose.