Companies are experiencing the benefits of Voice over Internet Protocol (VoIP) phone systems. Scalability, ease of use and cost-effectiveness are all reasons to implement an internet phone system, but in many cases, the switch to this technology doesn’t include a plan for VoIP security.
It’s important to remember that when you install VoIP, critical business conversations are occurring over ISP networks and internet backbones. While some “phreakers,” as phone hackers are called, are simply hobbyists looking for a way to get free long-distance service, other VoIP security threats come from malicious actors. Many hackers plan to steal either your bandwidth, customer data or proprietary information.
There are many ways that VoIP security can be threatened by a phreaker:
- Call fraud, in which hackers get into the VoIP system and take control. They may steal customer data or employee data, or use the system to make long-distance calls.
- Malware or viruses are used to infiltrate VoIP handsets to send spam or record keystrokes to steal credit card information.
- Denial of Service attacks occur when a hacker uses up all of a company’s bandwidth so the company is unable to conduct business through their VoIP system.
- Call hijacking is the sending of a noise packet to disrupt a call, delay voice signals or drop the call altogether.
- Man in the middle attacks trick the server into thinking the hacker is a legitimate member of the call, and then the hacker is eventually able to infiltrate the IT environment.
No company can completely eliminate every risk associated with VoIP security, and to address these items comprehensively would require additional staff and monitoring resources. That’s why many companies that use a hosted VoIP system appreciate the security services that come with their subscription:
Virtual private networks (VPNs): This is a secure network that protects each type of data transmission going in and out of a company. Most businesses use VPNs for other purposes, but they also serve VoIP security well.
Multi-protocol label switching (MPLS): This connection to the internet is highly secure and, with the right network treatment, can be used to prioritize VoIP transmissions over other communications.
Encryption: Encryption will not protect against the most sophisticated attacks, but it is a great first step in protecting VoIP systems.
Patches and updates: Some businesses are surprised to learn that a phone system needs the same security patches and updates that other software applications require. A hosted VoIP provider will make sure the system always has the latest security features.
Antivirus software and monitoring: Any hosted VoIP provider will use antivirus software and continuous monitoring as part of their complete VoIP security package.
To learn more about VoIP security, contact us at Copper State Communications. We can help you identify any areas of vulnerability in your phone system and recommend the tools you need to protect your company.