How do I keep my VoIP network secure?

Security risks can be mitigated in any business, and a professionally installed VoIP network is more secure than you'd think. All you need to do is put the right measures in place.

Rob Stevens

31/10/2019

Upgrading your communication to “Voice over Internet Protocol” or VoIP is probably one of the easiest ways to enhance your technology stack. VoIP isn’t just the latest and most exciting way to communicate with colleagues and customers, it’s also a cost-effective tool that’s often more reliable than traditional phonelines.

Unfortunately, though there are many benefits to VoIP technology, there are some downsides too. For instance, there are various ways that cybercriminals can take advantage of IP telephony connections to tap into your conversations. Whether it’s toll fraud or eavesdropping, voicemail hacking or ransomware, VoIP comes with a lot of threats to be aware of.

The good news?

Security risks can be mitigated in any business, and a professionally installed VoIP network is more secure than you’d think. All you need to do is put the right measures in place.

Examining Your VoIP Security

The first step in defending your VoIP services is making sure that your communication systems are installed by a reputable company. The right installation can reduce various risks associated with using VoIP technology, which is why most service providers put extra security measures in place, like firewalls, encryptions, and user authentication.

When you’re installing your VoIP strategy for the first time, don’t be afraid to ask your provider about the things that they’ve done to make your conversations more secure. For instance, ask them if they have VLAN configurations in place, and what kind of signaling methods they use for security. It may also be a good idea to investigate any compliance standards that might apply. For instance, can your VoIP provider help you to implement a security strategy that is HIPAA, SOX, GDPR or PCI compliant?

Often, to support compliance, VoIP companies will put a number of control options in place for their users, including the option to control voice network access rights according to username and password, device certificate, and other criteria. Check that these systems are available before you begin your implementation.

Protecting your communication stack

Once you know that you’re getting support from a reputable and compliant company, the next step is applying as much physical and logical protection as possible. Sometimes, this will mean setting up firewall and intrusion prevention software, or “IPS” tools to monitor your calls and filter unauthorized traffic in your VoIP network. You can also find fraud detection systems that notify you of unusual voice activities too.

If your employees use mobile devices for communication on the go, make sure that you have an MDM strategy in place. This should allow you to remotely control and provision devices, remove sensitive information from phones that get lost, and more.

Depending on the nature of your company, you might also find that it’s useful to use VLANs to segment your voice traffic and separate it from your data traffic. Some voice switches and systems support device discovery protocols for automatically assigning IP phones to VLANs as standard.

All businesses using a VoIP network should also have a strategy in place for how they’re going to encrypt the sensitive voice traffic that they deal with every day. You can choose to apply encryption by device, user or segment, to reduce problems with excessive network latency. You can also encrypt the signaling at your connection gateway using tools like SIP (Session initiation protocol) over TLS (Transport layer security).

Some IP telephony companies provide the option to encrypt media packets in your VoIP networks using protocols like SRTP, or they might let you set up VPNs for network connections made by remote desktop phones and softphones.

Keeping on Top of Security

Remember, making the most of your VoIP security isn’t just about choosing the right vendor or implementing the right encryption and firewalls. You’ll also need to make sure that your team members know how to use their tools safely. Make sure that everyone understands the importance of using strong passwords for their log-in details, and that no-one keeps sensitive voicemail messages in their phones for long.

Setting up an environment where your employees know who to come to when they need to report anomalies immediately or speak to an expert is essential to staying ahead of your VoIP strategy. Don’t give cybercriminals and fraudsters a free pass to get into your VoIP network. Make sure that you’re prepared for anything with a comprehensive plan for safety.