One of the most frequent – and indeed, one of the most important – questions that our business customers ask is: “How secure is a VoIP phone system?”
First of all, contrary to what some people have been led to believe by what we’ll call “aggressive marketing” by traditional landline phone companies, VoIP security issues have never been about VoIP technology itself, which has always been very solid and, frankly, many years ahead of its time.
Rather, the issues and risks are with the network itself, over which the VoIP phone system operates. So with this in mind, here are 9 tips to help your businesses beef up its network security defenses and, in the process, make your VoIP phone system safe and secure:
1. Ensure that the network’s firewall settings include VoIP phone system protection. Furthermore, “VoIP-aware” firewall functionality is delivered by any true VoIP Managed Router, so don't be concerned if you can't find your VoIP specific firewall. However, be concerned if you have remote workers or those who may travel with their phone since your business may be exposed if that phone was installed before the VoIP phone system was implemented (see #3).
2. Ensure that all wireless networks feature WPA-2 encryption and WPA password security.
3. Ensure that all employees who access the VoIP system through their personal device (e.g. smartphone) have suitable encryption and authentication in place.
4. Most VoIP security breaches are a result of a weak end-user or a result of corporate password requirements, meaning security breaches are 100% preventable! The best preventative measure is simple: take the password out of the employees hands and have IT leadership come up with a complex password convention that will make any potential hacker quickly move on.
*If you do decide to leave passwords in the hands of your employees, educate all employees on best practices and the importance of choosing and changing appropriate passwords (8-16 characters and use at least one symbol, number, upper case letter, and lower case letter).
5. Regularly review call logs to ensure that unauthorized calls aren’t taking place and try to spot check for abnormalities / spikes. Note: this is a best practice that goes beyond VoIP security, since it helps a business see how the VoIP phone system is being used, when, and by whom.
6. Regularly review call forwarding rules to ensure that calls are being routed properly and not being circumvented.
7. Make sure that your VoIP provider has monitoring algorithms to proactively detect any unusual call behavior that may, upon investigation, turn out to be fraudulent or unauthorized.
8. Confirm that your VoIP Provider will automatically shut off service to your monitoring systems without human intervention if unusual traffic is detected by said systems. This is extremely important when considering Toll Fraud and international calling!
*As long as best practices are followed during your Hosted VoIP implementation, this should be a standard functionality. If your VoIP Provider stumbles when discussing point 8 and 9, it's time to find a new Hosted VoIP Provider. Check out our blog for more VoIP best practices.
And last, but certainly not least:
9. Partner with a proven and experienced VoIP phone service partner, who will work with your teams to fortify network security weaknesses, provide robust backup and disaster recovery services and ensure that your VoIP phone system is exactly what you need it to be: reliable, cost-effective, scalable, and, of course, safe and secure!
To learn more, contact the VoIP experts at Votacall today and take advantage of your free, no obligation consultation.