RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

How To Protect Your VoIP From Cyber Attacks

Cyber Attacks and VoIP

Voice over Internet Protocol (VoIP) is a way to take audio signals and transmit them in digital format via the internet; turning an internet connection into a way to make essentially free worldwide calls. With VoIP becoming increasingly more attractive to businesses of all sizes, because of it’s cost effectiveness and scalability, it becomes imperative that business owners understand the security risks, and more importantly, how to combat them. Security risks are mostly taken care of by the VoIP host, where a dedicated team of security experts will work to keep your network safe and secure. However, there is still a number of risks that you should be aware of, and some relatively easy ways to combat them and keep your system as secure as possible.

Firewalls

To best protect your VoIP phone system, you will need to ensure that the computers and other hardware are all secure. One of the most effective ways to do this is to set up an SIP firewall. SIP (Session Initiation Protocol) regulates packets of voice data as it passes between two endpoints on a network – a SIP-based firewall monitors and regulates these voice packets and filters out any traffic that looks suspicious. This is a particularly important area today, when according to Cisco, toll fraud is “prized by a global armada of phone pirates, who are unrelenting in their attacks.” Chris Kruger of Cisco discussed a case depicting the dangers of toll fraud and disregarding security as a top priority:

“Unfortunately, a business decided they needed voice security after the fact… During a few hours one morning, a rogue user had easily accessed the call control in the SIP gateway and generated several thousands of dollars in calls to Eastern Europe.”

So you can see the inherent dangers in failing to take security seriously. Luckily, with top VoIP providers, there will often be security measures in place that will combat threats that a firewall would combat. For example, RingCentral provides top-class network protections that are optimized for handling voice and data. It also provides a continuous monitoring program from their team of security experts, in order to flag potential disruptions, data breaches, and fraud.

Restricting Access and Securing Passwords

Avoxi lists the restriction of unnecessary access to your network as one of the most important ways to keep your VoIP network secure. Allowing open access to all users on your system leaves your system incredibly vulnerable, especially if passwords are not secure, so business owners may need to think long and hard about who they allow to have access to certain privileges when setting up their VoIP.

RingCentral recommends that vendors should implement (at the very least) a stringent set of “strong password policies” as well as SSO (single sign-on) to alleviate log-in fatigue. SSO is a session- and user-authentication service that allows users to use one set of login credentials to gain access to multiple applications without further prompting for authentication.

However, RingCentral is more than aware of the security challenges that are presented by SSO. If a user’s primary password is discovered or changed by hackers, they could have access to multiple resources and applications. Hence the need for a strong password policy. Passwords are incredibly easy to secure with minimal effort; industry standards suggest an 8–16 letter combination of symbols, numbers, and upper- and lowercase letters. In addition to this, passwords should be changed/updated every 2–3 months to further reduce the risk of a security breach.

In order to aid this, many VoIP hosts will provide some form of authentication guidelines or policy. For example, RingCentral provides Duo Access Gateway prompts for two-factor authentication before access will be granted to the VoIP service. It also allows admins to control and enforce a unique policy for each individual SSO application, checking the user, device, and network before allowing access to the application.

Monitoring Network Activity

security watch

Just as consumers monitor their accounts for strange activity, so should businesses with regards to network activity and billing. While the measures already mentioned like restricting access and using firewalls will dramatically reduce your risk of a security breach, regular monitoring can provide another safety net if other measures fail. Call logs should also be frequently audited and monitored, as many hackers will attempt to use a VoIP to make international and often costly calls. Avoxi recommends that you schedule specific periods of time to analyze call records on a regular basis – thus giving you comprehensive insight into your own business, while maintaining a security standard at the same time.

Ensuring your VoIP provider has sufficient remote monitoring technology is a major part of this strategy. Remote monitoring can help to identify problems before damage becomes irreversible, or at times before anything can be done at all.

You should ensure that your service provider will provide protections built into the service layer, and offers counsel on how to best avoid human error leading to toll fraud. The RingCentral platform provides security settings that can help to detect toll fraud and service abuse, as well as a dedicated staff for monitoring use and service.

A hosted VoIP can provide so many benefits to a business, such as cutting call costs and offering a modern and competitive system. However, there are inherent security risks. In order to avoid unnecessary breaches to the system, it is key to eliminate all possibility of human error, by restricting access, ensuring there is a stringent password policy, and monitoring activity on the system. By working in collaboration with your VoIP host, you have the best chance of fostering a secure and safe network from which to operate your business.

Sponsored Series By RingCentral

By Josh Hamilton

About Josh Hamilton

​Josh Hamilton ​is an aspiring journalist and writer who has written for a number of publications​ involving Cloud computing, Fintech and Legaltech​. ​Josh has a Bachelor’s Degree in Political Law​ from ​Queen's University in Belfast​​.
Studies included, Politics of Sustainable Development, European Law, Modern Political Theory and Law of Ethics​.

View Website

SYNDICATED NEWS SOURCES

IDC – Cognitive and Artificial Intelligence Systems to Reach $57.6 Billion in 2021

By CloudBuzz | September 25, 2017

IDC Spending Guide Forecasts Worldwide Spending on Cognitive and Artificial Intelligence Systems to Reach $57.6 Billion in 2021 FRAMINGHAM, Mass., September 25, 2017 – Worldwide spending on cognitive and artificial intelligence (AI) systems is forecast to reach $57.6 billion in 2021,…

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…