Top VoIP Network Security Tips for 2016
CTO
Business owners everywhere are discovering the advantages of implementing Voice over Internet Protocol (VoIP)—a communication technology that offers a cost-effective alternative to traditional business telephone lines. VoIP can even integrate elements such as voicemail, instant messaging (IM), texting and video conferencing into your phone system.
However, like any new technology platform, VoIP networks are susceptible to online security threats. As such, there are certain vulnerabilities and special requirements that organizations need to be aware of. Here are our top tips for securing your business VoIP network:
Identify Interception Points for Hackers
“Since VoIP packets flow over the network (just like data packets do), sensitive corporate information could be intercepted,” writes IT Consultant Bev Robb. “Some of the same threats that affect data networks can also affect VoIP.”
What this means is because your VoIP calls and messages can exist in multiple formats, as opposed to a traditional telephone call, the data they contain is more susceptible to being compromised.
For instance, a traditional voicemail remains audio just as an email remains text. A VoIP network allows audio to be converted to text, making it more susceptible to a wider array of potential security breaches.
Do Not Share Passwords or Cryptography Keys
The robust duplication and transfer of large data packets that Robb refers to can open the door to a number of threats, including phishing for passwords, PINs or other cryptographic keys which can potentially surface in a digitally transcribed phone conversation or message.
One example Robb identifies is the “Man-In-The-Middle” (MITM) attack strategy, in which the attacker secretly relays and possibly alters communications between two parties who believe they are directly communicating with one another.
Passwords and site keys are in place to prevent this kind of third-party attack. However, when they’re shared over a VoIP channel, they can become vulnerable to interception by hackers.
Who Wants to Break in, and What Are They Looking For?
Another way to regard the increased cyber threats that coincide with the growth of VoIP is to consider the entry points where VoIP voice and text exchanges can be accessed in the same way an email account can. Unlike 20th century phone system wire-tappers, today’s eavesdroppers can work far more efficiently and patiently – and they have more to gain.
Thanks to integration with things like network-based financial software, the value of information gleaned from a random IM exchange or phone call transcript can be much greater than it was even just five years ago. The solution is to safeguard the entire company network as one system with multiple outlets handled separately.
Strike Back With a Plan to Recover Losses
The biggest hole in VoIP security at present is the ignorance of VoIP’s new-found vulnerability. By following these simple steps, however, you can better protect your VoIP network from hackers:
1) Understand that phone traffic lives on the Internet now. Follow Bev Robb’s advice and separate voice and data traffic with two separate VLAN lines.
2) Use encryption and passwords that aren’t stored or shared in the network they’re safeguarding.
3) Insist on an up-to-date, patched VoIP network.
The days of separate networks for messaging and voice are about as over as the days of having a separate device for your calculator, camera and telephone. This means it’s important to take a holistic multi-layer approach to securing your VoIP network, just as you would secure your network as a whole.
For more information on how modern VoIP call center solutions can help your organization work smarter, check out our whitepaper, Top 10 List When Considering a Cloud-Based Contact Center Solution.