Agencies

Anti-Money Laundering

Business Continuity & Disaster Recovery

Compliance

Emerging Technology

Governance and Standards

Identity Theft

Leadership Management

Physical Security

Risk Management

Training & Education

Webinar Calendar

Vendor Directory

Content Library

Products

Events

About Us

Resources

Guidance on the Security Risks of VoIP

Gramm-Leach-Bliley Act (GLBA)Federal Deposit Insurance Corporation (FDIC)Risk Management

Summary: The FDIC is providing guidance to financial institutions on the security risks
associated with voice over Internet protocol (VoIP). VoIP refers to the delivery of traditional telephone voice communications over the Internet.

Highlights:

• VoIP is susceptible to the same security risks as data networks if security policies and configurations are inadequate.
• The risks associated with VoIP should be evaluated as part of a financial institution’s periodic risk assessment, with status reports submitted to the board of directors as mandated by section 501(b) of the Gramm-Leach–Bliley Act (GLBA). Any identified weaknesses should be corrected during the normal course of business.
• The attached “Informational Supplement” details the risks associated with using VoIP.

> Read entire regulation (log in required - registration is free)