Wireless Telephone Systems: Information Technology (IT) Security Assessments

Security Assessment Services, Inc.

New York New York 10201

Ms J.S. Johnson, Security Director

Company Z

New York, New York 10211

Enclosure: Company Z. Security Assessment

Network security threat assessment

Company Z. is faced with some serious challenges in responding to a number of significant trends that have emerged in recent years that will invariably affect security procedures and processes. For example, in 2013, there were more smartphones in use than personal computers as more telephony customers abandoned their landlines and wired Internet services and replaced them with Web-enabled mobile handheld devices (Booth, 2009). The typical method for the transmission of VoIP digital information between stations is through the use of a network of expensive microwave transmitters (Spasic & Nesic, 2008).

It is important to point out, though, that even VoIP transmissions that are routinely transmitted between microwave transmitters are frequently routed through analog systems as well as part of the connection process. For instance, Booth (2010) reports that, "VoIP phones differ from their analog counterparts in underlying connection infrastructure, provide additional features (transcribed voicemail to e-mail, SMS messaging and emergency notifications) and are typically less expensive to operate" (p. 12). Despite these digital advantages, Booth emphasizes that, "VoIP phones are intricately interconnected with the existing telephone infrastructure, often using older-generation phone lines to initiate and terminate calls" (p. 12). Therefore, Company Z's security network is lagging in this area because it does not take these interconnected routes into account.

Network security vulnerability assessment

Because of their near-universal use, telephone networks security systems are vital to telephone service providers as well as their customers. In this regard, Zirille (2009) emphasizes that, "In this high-technology world, the ubiquitous telephone has become a powerful weapon in the hands of thieves. It can be used as a 'key' to unlock a wide assortment of confidential data" (p. 22). Currently, Company Z. simply discards all internally generated paperwork concerning customer accounts and applications. Therefore, it is recommended that Company Z. improve its physical and environmental security by shredding all internal fax sheets and identification codes for telephony applications (Zirille, 2009). According to Zirille, "Some thieves, known in the trade as "dumpster divers," go through garbage dumpsters looking for such proprietary data" (2009l p. 22).