Is VoIP Right for Your Business? Voice over Internet Protocol (VoIP) services enable businesses to conduct calls across the same network to access the Internet and get email – and at a fraction of the cost of traditional voice networks. However, VoIP developers have been focused on quality and reliability versus security. Therefore, if you choose to adopt VoIP, it is up to you to take the proper steps to secure it. Background and benefits The number one benefit of VoIP is its low cost. In the conventional telephony world, multiple phone lines, conference calling features, and long distance charges create many extra charges. However, most VoIP providers not only offer unlimited local and long-distance calling for a relatively low flat fee, the fee also includes most, if not all, of the additional features businesses need. In addition to lower phone bills, here are some other benefits of VoIP: Simplified infrastructure. Eliminating dedicated voice lines means you no longer need separate voice and data networks. Since each usually has its own equipment and vendors, you’ll likely pay less for ongoing capital investments and support services. Easier management. Because a VoIP exchange is based on software rather than hardware, it is easier to alter and maintain. Better productivity. VoIP treats voice like any other kind of data, so users can attach documents to voice messages or participate in virtual meetings using shared data and videoconferencing. Scalable. Traditional PABX (Private Automatic Branch Exchange) based phone systems come in many size ranges and it may be necessary periodically to scrap existing systems and replace hardware. This is not the case with VoIP systems. Flexible connections. If your company has its own VPN and combines it with VoIP, you can set up a fully functioning office anywhere there is a broadband connection. With a VoIP phone, you can place or receive calls as if you were sitting at your desk. Moreover, since your phone number is mobile as well, you can make “local” calls back home or call around the globe without worrying about cell phone roaming or hotel surcharges. Security concerns Denial-of-Service Attacks — This is when “telephony botnets” are unleashed with the intent of overpowering VoIP telephony devices with call requests and registrations. This flooding can create resource exhaustion, long term busy signals, and force dropped calls. Eavesdropping — Services measurement and troubleshooting software that is part of a VoIP solution makes eavesdropping a relatively easy task. By monitoring call signal packets, unauthorized third parties can learn user names, passwords, and phone numbers, thereby gaining control over calling plans, voicemail, call forwarding, and billing information. More importantly, third parties may also gain access to confidential business and personal information by eavesdropping on actual VoIP-based conversations. Phishing — Similar to email phishing, VoIP phishing occurs when a voicemail left for the account owner is purportedly from a trustworthy person or business, but is really designed to acquire sensitive information such as passwords or credit card numbers. These phishing voicemails may include a phone number or Web address masquerading as a legitimate bank or online payment service. Toll Fraud — Toll fraud happens when an intruder gains control of the VoIP network and proceeds to mimic an authorized user or take control of the network and use the account to make long distance calls at the account holder’s expense. Security recommendations Separate VoIP and data — A properly designed network will separate the entry of data and VoIP at the perimeter, using a general firewall for data and a specific security device for VoIP. A good perimeter solution for VoIP should be able to intercept attacks on a VoIP system. Vigilance — Make sure to be stay up to date about new and changing threats to the operating system as well as the VoIP systems. This includes installing patches and security updates as soon as they are available. Block rogue VoIP use — There are many free consumer VoIP technologies available — any of which could be downloaded and used by an employee without the IT staff knowing. These rogue networks introduce unnecessary risk, so it’s important to detect and block them by using VoIP-aware firewall and intrusion detection tools at key access points. Manage entry points — Disable and remove any unneeded application and operating services a hacker could use as a pathway into the system. Employ gateway security to limit access to authenticated users. VPN for remote VoIP — When employees use a business’ VoIP account from outside the office, making untrusted remote connections, a VPN tunnel, as well as encryption and authentication measures are vital. Network security — Tools should be in place to constantly monitor the network for suspicious activity and to prevent unauthorized access to the network. Conclusion from Symantec |
UPCOMING VIRTUAL EVENTS
Demystifying Cyber Security for SMBs
The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.
SESSION 4: Cyber Security Strategy
Watch On-Demand
SESSION 5: Cyber Insurance & MFA
Watch On-Demand
SESSION 6: Threat Detection | JAN. 15
Microsoft Copilot
Master Class Workshop
eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.
In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.
RESOURCES
Cyber Security Awareness Hub
Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.
We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.
Resource Library
Insights to help you do what you do better, faster and more profitably.
> Tips to Stay Protected Against Phishing Attacks
> Understanding Ransomware
> The 6 Known Wi-Fi Threat Categories Targeting Your Business and How to Defend Against Them
> Practical Advice for Avoiding Phishing Emails
NEWSLETTER
"*" indicates required fields