In a request for tender briefing document, the Department of Communications, Information Technology and the Arts (DCITA) said it hopes to hire a consultant to identify the threats associated with the adoption of VoIP.
The department is acting on behalf of the Trusted Information Sharing Network's (TISN) IT Security Advisory Group. TISN is a program designed to strengthen national security through projects like the Computer Network Vulnerability program launched last year.
"New technologies often introduce new vulnerabilities into business systems as individuals and groups with malicious intent seek ways to subvert or compromise the technology," DCITA said.
To gain an industry perspective on the issue, the consultant should have discussions with at least six key stakeholders from the IT and communications industries before formulating a conclusion.
The security aspects of VoIP has been a hotbed of discussion within the telecommunications and IT industry. In response, Voice over IP Security Alliance (VOIPSA) was formed in February aimed at defining security requirements and best practices for VoIP deployments.
The alliance comprises 50 members from the commercial and academic worlds. Some notable names include Nortel, SBC, Siemens, Verizon, Avaya, VeriSign, Samsung Telecommunications America, Alcatel, Accenture, the SANS Institute, Sprint, AT&T, MCI, 3Com, Bell Canada, Time Warner, Symantec and PriceWaterhouseCoopers.
The closing date for tenders to be submitted is April 21. The successful consultant's findings will not be made public.
What security issues are they exactly concerned about??? If VOIP is properly implemanted it should become more secure then the traditional PSTN set up. At this stage I can't see VOIP having a large take up for quite some time and think it will fall into the same catorgary as 3g technology where it has great features but you have to do twice as much as you had to before to perform similar tasks such as make a phone call. However this technology must not be written off for the future as people catch up and usability becomes more frendly. I imagine security will be upgradable just like an operating system on a computer... This will all be exciting to watch.