VPN Articles and News

How To Enhance Security of Your VOIP Connection

By
Thursday, May 29th, 2014


Over the last few years, Voice Over Internet Protocol (VOIP) has become the preferred medium of communication among corporate and individual users. The VOIP technology is affordable and easy to deploy which explains why people are abandoning old PBX systems and switching to VOIP based communication. However, there are multiple security challenges associated with VOIP technology that need to be addressed while deploying a VOIP system. This article will list down several tips on how you can make your VOIP infrastructure and calls more secure.

1) Use Encryption – Since VOIP packets pass through the internet (or corporate intranets), they are open to interception and man in the middle type of attacks. While these types of attacks can be easily prevented by using encryption, very few commercial VOIP providers actually encrypt their traffic. For instance, Skype uses strong AES encryption to encrypt its PC-to-PC VOIP traffic but Google Voice still do not encrypt the calls passing through its network. If you regularly need to make VOIP calls through unsecured (such as Wi-Fi) networks then you can also subscribe to a VPN service to encrypt your VOIP traffic.

2) Use Strong Authentication – Using a strong authentication system would ensure that your VOIP infrastructure is available only to authorized personnel. In the last few years, several instances of criminals hacking into VOIP servers and using the infrastructure to make expensive international calls have come to light. However, such attacks can be easily prevented by having a robust user authentication system. Do not use the default usernames and passwords provided by your VOIP provider and make sure that your users are required to type their credentials before they are allowed to make VOIP calls.

3) Use a Firewall – Apart from encryption and user authentication, you also need to deploy a good anti-virus and firewall on your VOIP server and user machines. There are special firewalls available to monitor VOIP traffic that can help you to detect unusual VOIP traffic patterns and block unsafe applications and ports. Having an anti-virus and firewall would also ensure that your VOIP infrastructure cannot be hacked or used for DOS attacks, fraud, data sniffing or delivering spam over internet technology (SPIT). You must also keep your OS and VOIP software up-to-date so as not to become a victim of the latest security threats.

4) Server Configuration – A VOIP setup is only as secure as its underlying infrastructure and configuration. Make sure to use VOIP equipment that complies with the latest security standards (for instance, IEEE 802.11i and WPA2). It is also necessary to set up your VOIP server in such a way that it cannot be used for malicious purposes. For instance, you can block calls to certain countries to avoid becoming a victim of call-forwarding abuse or toll fraud and block ports that are not required for your VOIP setup. Also, it is a good idea to get a separate internet connection for your VOIP infrastructure so that it doesn’t compromise the security of your vital corporate or personal data.

VOIP is still considered as an emerging technology that is vulnerable to security attacks. However, if you follow the tips given above, you can be sure that your VOIP infrastructure remains safe from all kinds of security threats and cannot be misused without your knowledge.


May 29, 2014
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


9 + 4 =