Feb 25, 2016
Business owners everywhere are discovering the advantages of implementing Voice over Internet Protocol (VoIP)—a communication technology that offers a cost-effective alternative to traditional business telephone lines. VoIP can even integrate elements such as voicemail, instant messaging (IM), texting and video conferencing into your phone system.
However, like any new technology platform, VoIP networks are susceptible to online security threats. As such, there are certain vulnerabilities and special requirements that organizations need to be aware of. Here are our top tips for securing your business VoIP network:
Identify Interception Points for Hackers
“Since VoIP packets flow over the network (just like data packets do), sensitive corporate information could be intercepted,” writes IT Consultant Bev Robb. “Some of the same threats that affect data networks can also affect VoIP.”
What this means is because your VoIP calls and messages can exist in multiple formats, as opposed to a traditional telephone call, the data they contain is more susceptible to being compromised.
For instance, a traditional voicemail remains audio just as an email remains text. A VoIP network allows audio to be converted to text, making it more susceptible to a wider array of potential security breaches.
Do Not Share Passwords or Cryptography Keys
The robust duplication and transfer of large data packets that Robb refers to can open the door to a number of threats, including phishing for passwords, PINs or other cryptographic keys which can potentially surface in a digitally transcribed phone conversation or message.
One example Robb identifies is the “Man-In-The-Middle” (MITM) attack strategy, in which the attacker secretly relays and possibly alters communications between two parties who believe they are directly communicating with one another.
Passwords and site keys are in place to prevent this kind of third-party attack. However, when they’re shared over a VoIP channel, they can become vulnerable to interception by hackers.
Who Wants to Break in, and What Are They Looking For?
Another way to regard the increased cyber threats that coincide with the growth of VoIP is to consider the entry points where VoIP voice and text exchanges can be accessed in the same way an email account can. Unlike 20th century phone system wire-tappers, today’s eavesdroppers can work far more efficiently and patiently – and they have more to gain.
Thanks to integration with things like network-based financial software, the value of information gleaned from a random IM exchange or phone call transcript can be much greater than it was even just five years ago. The solution is to safeguard the entire company network as one system with multiple outlets handled separately.
Strike Back With a Plan to Recover Losses
The biggest hole in VoIP security at present is the ignorance of VoIP’s new-found vulnerability. By following these simple steps, however, you can better protect your VoIP network from hackers:
1) Understand that phone traffic lives on the Internet now. Follow Bev Robb’s advice and separate voice and data traffic with two separate VLAN lines.
2) Use encryption and passwords that aren’t stored or shared in the network they’re safeguarding.
3) Insist on an up-to-date, patched VoIP network.
The days of separate networks for messaging and voice are about as over as the days of having a separate device for your calculator, camera and telephone. This means it’s important to take a holistic multi-layer approach to securing your VoIP network, just as you would secure your network as a whole.
For more information on how modern VoIP solutions can help your organization work smarter, check out our whitepaper, Top 10 List When Considering a Cloud-Based Contact Center Solution.
About the Author: Jesse Bird
Jesse Bird, CTO and co-founder of TCN, has been passionate about emerging technologies from an early age. He has used that passion as a springboard for his career and has strived to keep TCN at the forefront of Voice Over Internet Protocol (VoIP) and call center technology for the past 15 years.
Since co-founding TCN in 1999, Jesse has been pivotal in guiding the technology team through three major iterations in their product line, including his work spearheading the launch of TCN’s new Platform 3.0. Jesse’s extensive knowledge base has impacted all levels of the technology stack, from physical hardware and network designs to virtualized computing environments to database design and all types of VoIP technology. His consultative approach to client interactions has been essential to growing the TCN brand and making it the industry leader it is today. Jesse has not only played a critical role in keeping TCN’s call center technology at the forefront of the industry, but also helped create its open, tight-knight corporate culture.