Since an IP Phone system typically shares the same data network as other IT systems, a breach of the phone system can lead to a breach of other IT systems as well. There are many variations of the attacks that can be launched against VoIP phone systems to inflict damage on businesses.
The way to foil attacks is to take preventive measures to ensure your phone system stays protected against the bad guys:
- When installing new phone equipment and network devices, change the passwords from the default settings.
- Do not use easy-to-guess passwords and avoid the use of a phone number or extension as the system password. If your password is easy to remember, then it offers little or no security. Use a random number generator to generate an effective password.
- If you have more than one administrator accessing the telephone system or any IT system, make sure they use unique access credentials.
- Whenever IT staff members leave the organization, immediately disable their access credentials to phone systems, computers and management tools.
- Ask your service provider about its fraud monitoring capability; specifically, if it has real-time toll-fraud mitigation in place that will stop suspicious calls. The service provider should contact you to verify if the flagged calls are legitimate. Also, ask how the service provider deals with Denial of Service attacks.
- Routinely review itemized telephone invoices for any anomalies; if your organization does not call certain international locations, for example, set up the phone system to disallow outbound calls to these locations.
- Make sure phone system and voice application software is kept up to date. If you subscribe to cloud voice, this should be done by the provider as part of its hosted VoIP service.
- Consider using end-to-end encryption to protect sensitive VoIP conversations. This feature may be added to the premises IP Phone system with encryption software, or offered by a cloud voice provider as an add-on to its hosted VoIP service. In essence, end-to-end encryption provides a secure virtual private network (VPN) connection that protects the privacy of conversations.
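The invoice review recommended in the list above can be automated against exported call detail records. The following is an added example, not part of the original article: it flags calls to international destinations outside an allowlist and totals the flagged time per extension. The CSV column names, the North American `011` dialing prefix, the allowlist and all sample records are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample call detail records (CDR); column names are assumptions.
SAMPLE_CDR = """\
start,extension,dialed,duration_sec
2024-03-04T10:15:00,201,14105550123,180
2024-03-04T11:02:00,202,011442079460123,600
2024-03-09T02:11:00,215,011371555010001,1740
2024-03-09T02:41:00,215,011371555010002,1800
2024-03-09T03:12:00,215,+252555010003,1500
2024-03-09T09:30:00,203,+442079460155,240
"""

# Country codes the organization actually calls (assumed: 44 only).
ALLOWED_COUNTRY_CODES = ("44",)


def international_digits(dialed):
    """Return the digits after the international prefix, or None if domestic."""
    number = dialed.strip().replace(" ", "").replace("-", "")
    if number.startswith("011"):        # NANP international dialing prefix
        return number[3:]
    if number.startswith("+") and not number.startswith("+1"):
        return number[1:]
    return None


def flag_calls(cdr_text, allowed=ALLOWED_COUNTRY_CODES):
    """Return (flagged_rows, seconds_per_extension) for disallowed destinations."""
    flagged, per_ext = [], defaultdict(int)
    for row in csv.DictReader(io.StringIO(cdr_text)):
        digits = international_digits(row["dialed"])
        # Country codes are prefix-free, so a prefix match on the allowlist is exact.
        if digits is None or digits.startswith(tuple(allowed)):
            continue
        flagged.append(row)
        per_ext[row["extension"]] += int(row["duration_sec"])
    return flagged, dict(per_ext)


if __name__ == "__main__":
    calls, totals = flag_calls(SAMPLE_CDR)
    for c in calls:
        print(c["start"], c["extension"], c["dialed"], c["duration_sec"])
    print("seconds to disallowed destinations per extension:", totals)
```

A single extension accumulating long calls to destinations the business never dials, especially outside working hours, is the pattern to escalate to the service provider and to follow up with a credential reset for that extension.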
Larger VoIP networks may need to take a more granular approach to security because the more devices and protocols used, the more expansive the threat landscape becomes.
One cause of security problems with VoIP is the existing network: if it has security vulnerabilities, these can be exploited once VoIP is implemented. Before installing a VoIP solution it is wise to get an independent security assessment of the network. It will be easier to correct security deficiencies before implementing VoIP than after it.
Make sure the firewall is VoIP aware. If it is not, it may need to be fine-tuned or upgraded ahead of the VoIP installation. Also plan on establishing VPN tunnels for any endpoint connectivity outside of the corporate environment, such as remote offices and teleworker locations. And if wireless will be part of the VoIP implementation, it is best to require centralized network authentication, in addition to wireless encryption, and get these ready ahead of the VoIP deployment.
Staying Ahead of the Bad Guys
VoIP offers compelling benefits over traditional PBX systems. These advancements do not come without a cost and require greater effort, planning, and vigilance to reduce security risks. Fortunately, businesses can greatly reduce the risks by taking a few basic steps to keep the bad guys at bay.
Contact ACC Telecom to discuss your VoIP implementation options and security needs, or to request service or a quote. Send an email to firstname.lastname@example.org or give us a call at any of the following numbers:
- 410-995-0101 (main)
- 888-226-2216 (toll-free)
- 202-347-0127 (Washington DC)
- 703-281-3400 (Northern VA)
- 301-621-4646 (Western MD)