The use of VoIP services for voice traffic has grown exponentially in recent years, thanks to the dramatic cost savings and a host of other benefits. However, as with any new technology, along with the benefits come additional risks. Because it relies upon networking and internet infrastructure, VoIP introduces security issues that have the potential to affect not just your voice calls but your entire network.
If you are thinking of moving to VoIP, therefore, it’s important to understand the potential risks and what you can do in terms of best practice to ensure your implementation is secure.
Dividing VoIP and data traffic
It’s likely that when you implement VoIP, it’s going to be sharing a network with your data. Organisations therefore need to ensure that they have monitoring in place that can detect both external and internal threats.
Although they may have shared infrastructure, it’s a good idea to maintain a degree of separation between your voice and data traffic. By ensuring that VoIP traffic flows through the appropriate network paths and via security devices such as VoIP-ready firewalls, you can not only keep it secure but also reduce performance issues.
This may involve having a dedicated subnet and virtual devices to ensure that VoIP always gets the bandwidth it requires and doesn’t suffer from contention with data applications. This also helps to ensure that network admins have a clear view of traffic flows so they can prioritise VoIP.
DDoS attacks
VoIP systems are particularly vulnerable to DDoS attacks, especially if you are also running your PABX in the cloud. Most of these attacks rely on hitting the PABX with a massive volume of requests so that it gets to a point where all it can do is shut down access altogether. If you are on the receiving end, this means loss of connectivity and ultimately loss of revenue.
The way to guard against this is to employ some form of traffic analysis. This can identify abnormal patterns of requests and either automatically block the attacker or notify admins to take appropriate action.
Toll fraud
Toll fraud is the other major issue for VoIP users. This involves hackers stealing time on your network to make calls on your account. Usually, this type of attack starts with unauthorised access, so it’s vital to ensure your account passwords are strong and not used elsewhere.
Again, detection can help by alerting you to unusual patterns of traffic or a rise in calls to unfamiliar geographic destinations. You can also use the admin functions of your PABX to restrict call destinations for users or user groups.
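The toll fraud detection described in this section can be sketched as a check over call detail records (CDRs). This is an added example, not part of the original article; the record layout, allowed prefixes, threshold and sample calls are all assumptions constructed for illustration.

```python
from collections import Counter
from datetime import datetime

# Assumed policy values (hypothetical; derive them from your own call baseline).
ALLOWED_PREFIXES = ("+44", "+1")   # destinations the business normally calls
MAX_CALLS_PER_HOUR = 5             # per-extension ceiling before alerting

# Constructed sample CDRs: (ISO start time, extension, dialled number).
SAMPLE_CDRS = [
    ("2024-03-01T09:14:00", "201", "+442079460001"),
    ("2024-03-01T09:40:00", "202", "0044 20 7946 0002"),
    ("2024-03-01T11:05:00", "201", "+12025550100"),
] + [("2024-03-03T02:%02d:00" % m, "207", "+99900000%02d" % m) for m in range(7)]


def normalise(number):
    """Strip spacing and turn a leading 00 international prefix into +."""
    digits = number.replace(" ", "").replace("-", "")
    return "+" + digits[2:] if digits.startswith("00") else digits


def find_toll_fraud_indicators(cdrs, allowed=ALLOWED_PREFIXES,
                               max_per_hour=MAX_CALLS_PER_HOUR):
    """Return (unfamiliar, bursts).

    unfamiliar: calls dialled outside the allowed destination prefixes.
    bursts: {(extension, hour): count} where count exceeds max_per_hour.
    """
    unfamiliar = []
    per_hour = Counter()
    for start, ext, number in cdrs:
        dialled = normalise(number)
        if not dialled.startswith(tuple(allowed)):
            unfamiliar.append((start, ext, dialled))
        hour = datetime.fromisoformat(start).strftime("%Y-%m-%dT%H")
        per_hour[(ext, hour)] += 1
    bursts = {key: n for key, n in per_hour.items() if n > max_per_hour}
    return unfamiliar, bursts


if __name__ == "__main__":
    unfamiliar, bursts = find_toll_fraud_indicators(SAMPLE_CDRS)
    for start, ext, dialled in unfamiliar:
        print(f"ALERT unfamiliar destination: ext {ext} -> {dialled} at {start}")
    for (ext, hour), n in bursts.items():
        print(f"ALERT call burst: ext {ext} made {n} calls in hour {hour}")
```

The same allowed-prefix list is the kind of restriction you would also enforce in the PABX itself, so that the alert and the block agree on what counts as a normal destination.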
Policy
We can’t leave this topic without looking at the issue of policy. It’s important to lay down guidelines for the use of VoIP systems and monitor systems to ensure that these are observed. In certain industries – financial services for example – you may also need to follow specific compliance rules, such as recording calls and storing the data for a fixed time period.