Perhaps one of the more interesting features of VoIP is its portable nature when compared to traditional landline telephony. Several VoIP solutions allow users to utilise their VoIP telephony solution away from base locations, via wireless technologies, publicly available network connections, and mobile capable devices, while still utilising the same telephone number or username.

While this is often a very desirable feature, using these technologies can undermine the security capabilities of a VoIP solution, as the point of connection into the network is no longer controlled by the user and can therefore introduce vulnerabilities into a VoIP system.  Most of these publicly available connections will not be able to be configured by VoIP end users to improve security, or will be too complex for most such users to configure, however upcoming ‘end-to-end’ VoIP encryption solutions may cover these issues. If not utilising an end-to-end security solution, it would be best to avoid using VoIP over these mediums, particularly for confidential or calls which may disclose sensitive information (e.g. where credit card details must be supplied to an operator).

Using VoIP with wireless connections

VoIP can be used over wireless broadband connections, and via wireless LAN networking technologies. These wireless connections offer significantly improved mobility when compared to other networking options (such as wired solutions), and are highly valuable if considering VoIP capabilities on the go.

However, there are some disadvantages to using VoIP over wireless regarding performance and security issues. Regarding performance, wireless services may introduce heavy latency which affects the quality of the voice connection, particularly the flow of speech. In terms of security, wireless connections are susceptible to extra attack vectors beyond wired network options, so require additional security controls to properly protect. These controls may also have an adverse effect on the performance of VoIP over a wireless network.

Using VoIP with Mobile Devices

Use of VoIP over mobile devices such as 3G telephones and PDAs can offer even greater mobility. These technologies will usually utilise a specific version of a softphone solution to enable VoIP.

Use of VoIP on mobile devices may expose the VoIP calls to additional attack vectors due to these device’s generally less secure operating systems and the vulnerabilities found in the wireless protocols they employ. The limited bandwidth to such devices means that introducing the required security controls to protect the calls may render the performance of the VoIP system unusable.

To better protect the privacy of calls made through networks other than those at your home or office, it is recommended to use a VPN (explained further in Section 9: Protecting your VoIP Infrastructure) to encrypt voice data if the technology supports this.

Using VoIP with other applications

Another feature increasingly seen in VoIP solutions is the integration of VoIP services with common desktop applications.

VoIP converged applications and services

• Messaging and collaboration tools – e.g. Microsoft Unified Communications,
  Zimbra, Cisco Unified Communications
• Conferencing software
• Customer Relationship Management (CRM) software
• Extension into web browsers, email etc.
• And many more

It is important for organisations to carefully consider all the implications involved in integrating VoIP with other applications. Security considerations are of particular concern, as the vulnerabilities from either the VoIP system or the application may carry over into the other, doubling the potential for a security weakness to arise.