January 3, 2017

How To Protect Your VoIP From Cyber Attacks

By Josh Hamilton

Cyber Attacks and VoIP

Voice over Internet Protocol (VoIP) is a way to take audio signals and transmit them in digital format via the internet; turning an internet connection into a way to make essentially free worldwide calls. With VoIP becoming increasingly more attractive to businesses of all sizes, because of it’s cost effectiveness and scalability, it becomes imperative that business owners understand the security risks, and more importantly, how to combat them. Security risks are mostly taken care of by the VoIP host, where a dedicated team of security experts will work to keep your network safe and secure. However, there is still a number of risks that you should be aware of, and some relatively easy ways to combat them and keep your system as secure as possible.

Firewalls

To best protect your VoIP phone system, you will need to ensure that the computers and other hardware are all secure. One of the most effective ways to do this is to set up an SIP firewall. SIP (Session Initiation Protocol) regulates packets of voice data as it passes between two endpoints on a network – a SIP-based firewall monitors and regulates these voice packets and filters out any traffic that looks suspicious. This is a particularly important area today, when according to Cisco, toll fraud is “prized by a global armada of phone pirates, who are unrelenting in their attacks.” Chris Kruger of Cisco discussed a case depicting the dangers of toll fraud and disregarding security as a top priority:

“Unfortunately, a business decided they needed voice security after the fact… During a few hours one morning, a rogue user had easily accessed the call control in the SIP gateway and generated several thousands of dollars in calls to Eastern Europe.”

So you can see the inherent dangers in failing to take security seriously. Luckily, with top VoIP providers, there will often be security measures in place that will combat threats that a firewall would combat. For example, RingCentral provides top-class network protections that are optimized for handling voice and data. It also provides a continuous monitoring program from their team of security experts, in order to flag potential disruptions, data breaches, and fraud.

Restricting Access and Securing Passwords

Avoxi lists the restriction of unnecessary access to your network as one of the most important ways to keep your VoIP network secure. Allowing open access to all users on your system leaves your system incredibly vulnerable, especially if passwords are not secure, so business owners may need to think long and hard about who they allow to have access to certain privileges when setting up their VoIP.

RingCentral recommends that vendors should implement (at the very least) a stringent set of “strong password policies” as well as SSO (single sign-on) to alleviate log-in fatigue. SSO is a session- and user-authentication service that allows users to use one set of login credentials to gain access to multiple applications without further prompting for authentication.

However, RingCentral is more than aware of the security challenges that are presented by SSO. If a user’s primary password is discovered or changed by hackers, they could have access to multiple resources and applications. Hence the need for a strong password policy. Passwords are incredibly easy to secure with minimal effort; industry standards suggest an 8–16 letter combination of symbols, numbers, and upper- and lowercase letters. In addition to this, passwords should be changed/updated every 2–3 months to further reduce the risk of a security breach.

In order to aid this, many VoIP hosts will provide some form of authentication guidelines or policy. For example, RingCentral provides Duo Access Gateway prompts for two-factor authentication before access will be granted to the VoIP service. It also allows admins to control and enforce a unique policy for each individual SSO application, checking the user, device, and network before allowing access to the application.

Monitoring Network Activity

security watch

Just as consumers monitor their accounts for strange activity, so should businesses with regards to network activity and billing. While the measures already mentioned like restricting access and using firewalls will dramatically reduce your risk of a security breach, regular monitoring can provide another safety net if other measures fail. Call logs should also be frequently audited and monitored, as many hackers will attempt to use a VoIP to make international and often costly calls. Avoxi recommends that you schedule specific periods of time to analyze call records on a regular basis – thus giving you comprehensive insight into your own business, while maintaining a security standard at the same time.

Ensuring your VoIP provider has sufficient remote monitoring technology is a major part of this strategy. Remote monitoring can help to identify problems before damage becomes irreversible, or at times before anything can be done at all.

You should ensure that your service provider will provide protections built into the service layer, and offers counsel on how to best avoid human error leading to toll fraud. The RingCentral platform provides security settings that can help to detect toll fraud and service abuse, as well as a dedicated staff for monitoring use and service.

A hosted VoIP can provide so many benefits to a business, such as cutting call costs and offering a modern and competitive system. However, there are inherent security risks. In order to avoid unnecessary breaches to the system, it is key to eliminate all possibility of human error, by restricting access, ensuring there is a stringent password policy, and monitoring activity on the system. By working in collaboration with your VoIP host, you have the best chance of fostering a secure and safe network from which to operate your business.

Sponsored Series By RingCentral

By Josh Hamilton

Josh Hamilton

Josh Hamilton ​is an aspiring journalist and writer who has written for a number of publications​ involving Cloud computing, Fintech and Legaltech​. ​Josh has a Bachelor’s Degree in Political Law​ from ​Queen's University in Belfast​​. Studies included, Politics of Sustainable Development, European Law, Modern Political Theory and Law of Ethics​.

5 Azure Cost Management Strategies

What Is Azure Cost Management? Azure cost management refers to the practices and processes that [...]
Read more
Andy Hilliard

Accelerance CEO Unveils the Future: AI’s Role in Software Development

In this edition of CloudTweaks, we feature an insightful discussion with Andy Hilliard, CEO of [...]
Read more
Derek Pilling

Diversify for Success: The Multi-Cloud Advantage

What is Multi-Cloud? For good reason there is a lot of discussion about multi-cloud among [...]
Read more
Rahul Subramanyam

Episode 18: Fixing AWS: The CloudFix Story 

Fixing AWS: The CloudFix Story A conversation with Rahul Subramanyam. CEO at CloudFix, and CTO [...]
Read more
Wealth Management Software Solutions - ServiceNow

Leading Online Savings and Wealth Management Services

Financial wealth management services (Updated: 06/29/2022) Many want to live in abundance, but very few [...]
Read more
Steve Prentice

Episode 19: Why AWS Needs to Become Opinionated about FinOps

On today’s episode of the CloudTweaks podcast, Steve Prentice chats with Rahul Subramaniam, CEO at CloudFix [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.