Fending Off VoIP Attacks

Updated: April 30, 2009

Your business is probably switching or has switched to VoIP to take advantage of the technology's many cost, efficiency and productivity benefits. But you also got something else in the bargain — the need to protect your organization's telephone system from outside attacks.

Security is the part of VoIP that most businesses don't like to think about. Many companies still don't fully understand the need for protecting a phone system. But since VoIP shares many technologies with computer-focused data networks, the need to safeguard Internet telephony deployments is very real.

VoIP vendors and service providers don't like to publicize the fact, but IP telephony is vulnerable to virtually all of the attacks that plague regular data networks, including viruses, worms, Trojan horses, DoS (denial of service) assaults and hijacking. VoIP is also vulnerable to things like toll fraud, phishing , voice spam and eavesdropping . Dealing with VoIP threats requires a three-tiered approach that targets threats on the infrastructure, software and user levels. Here are the details:

Network Considerations
VoIP vendors and service providers tout the cost savings that can be made by placing VoIP onto existing data networks. Yet close proximity to other data services can expose a VoIP system to multiple threats. This is particularly true if the VoIP system is exposed to the public Internet.

To safeguard your VoIP system, make sure that ironclad authentication and encryption tools are in place. A VPN (virtual private network) will enable trusted users to securely connect to your VoIP system from untrusted networks. Internally, a VPN will effectively separate the VoIP network from the underlying data network, sparing your phone system from any attacks that may afflict the rest of the network.

If a hosted IP PBX service is used, you should ask the provider what technologies are utilized on its end to keep VoIP threats from attacking the devices used within your organization. Compare the security policies of several VoIP service providers to find the vendor that offers the best security protection.

Security Considerations
Security technologies designed to safeguard traditional networks often don't incorporate "VoIP awareness." VoIP includes a number of specialized protocols that standard network security gear just isn't equipped to handle. Dedicated VoIP networks and converged networks should be equipped with IPSs (intrusion prevention systems) and firewalls that can look deeply into traffic to detect threats that are aimed specifically at VoIP devices. Also, make sure that intelligent IPS technology is placed between VoIP gateways as well as close to the call manager, a prime attack point that contains all critical user data.

User Considerations
In many ways, users are any VoIP network's weakest spot. Users do all sorts of things that open the door to potential attackers, such as using unauthorized hosted IP telephony technologies like Google Talk and Skype . While these services are relatively safe in a stand-alone consumer environment, they can introduce significant risks into an enterprise VoIP system as they search for ways to reach the public Internet though firewalls and other security barriers.

Installing VoIP-aware IPS technology and firewalls at key access locations will help pave the way for the creation of a uniform user-security policy. Organizations may decide to either block user-installed voice technologies entirely or to confine their use in such a way that they can be accommodated in a safe and authorized manner.

Featured Research
  • 8 Ways to Get More From Your VoIP System

    Many businesses adopt VoIP to take advantage of the cost savings without spending enough time reviewing the features and benefits made available by different solutions. If this is true for your business, there’s a good chance you could be getting more from your VoIP system in the form of even lower costs or improved employee productivity. You may even find that your current software offers features that you aren’t taking advantage of! more

  • 7 Ways the Wrong Phone System Can Haunt Your Business

    The wrong phone system could be haunting your business - and we’re talking about problems more serious than ghosts and ghouls. From increased costs to issues with scaling, we’ve identified seven important ways that a less than ideal phone system could be holding you back. You’ll be surprised at how much of a difference this can make to your bottom line too. more

  • Ditch Your Fax Servers

    An in-house fax server gives an IT department centralized management and monitoring over the entire enterprise's faxing. This can help your company track usage and better maintain records for auditing and record keeping. However, there are serious drawbacks that come with utilizing an in-house fax server solution and these range from security to cost-prohibitive pricing. more

  • The IT Manager's Survival Guide

    As an IT manager, maintaining physical fax servers and infrastructure is not a high priority. However, fax capability remains a business need simply because chances are your industry is dependent on its security. What if there was a way to reduce the amount of time spent handling fax complaints and maintaining physical servers? And this way took into account security, cost savings, and freed up your IT resources. Would you be interested? more

  • VoIP: Your New Secret Weapon for a Strong Year End

    As the end of 2017 nears, you may be feeling pressure to make sure you close the year out strong.If you’ve been sitting on the fence regarding VoIP, this may be the perfect time to switch. VoIP options had never been better or more full-featured than they are now, and it may be just the thing your business needs to see a productivity and profitability boost. more