Is Your VOIP Secure?

VOIP has tremendous benefits for business users – which include cost savings and greater productivity – but like anything else it comes with associated security risks for the corporate network, and these risks must be identified prior to VOIP being rolled out. (It’s also worth those businesses that currently use VOIP checking their security procedures.)

This new guide to VOIP security highlights some of the specific threats to businesses using VOIP systems and provides advice on how these risks can be mitigated.

For example, businesses may be able to operate with greater flexibility using VOIP, but have the privacy implications been considered? It’s much easier to hack a VOIP data steam than an analogue phone line. Sensitive corporate data can easily be compromised, and when you consider the massive fines being levied by the ICO, it’s clear that businesses must avoid data breaches at all costs.

The increased uptake of VOIP technology has created a number of new avenue for fraudsters and hackers. One example is “Vishing” campaigns launched against unsuspecting VOIP users. Vishing – basically phishing attacks made via VOIP – is a new threat which is likely to grow in sophistication before long. Another threat is that of Toll Fraud which frequently catches out companies who have not secured their VOIP systems correctly.

Many of security vulnerabilities listed in the guide can be mitigated through the implementation of rigorous security procedures and processes, many of which should already be standard practice (like a strong user authentication system).

Simon Heron is Internet Security Analyst at Network Box (UK), a managed security company, where he is responsible for developing the overall business strategy and growth. Simon has more than 16 years experience in the IT industry, including eight years experience in Internet security. During this time he has developed and designed technologies ranging from firewalls, anti-virus, LANs and WANs. Prior to Network Box, Heron co-founded and was Technical Director of Cresco Technologies, a network design and simulation solution company with customers in the U.S., Europe and China. Before that he worked for Microsystems Engineering Ltd, as a Project Manager, where he implemented network security for the company.