21 March 2014
by: Dan Dorsey
Security is a major problem for businesses of all sizes. Hackers have an edge as they can look at a business' security framework and search for cracks in the data protection foundation. The end result is a situation in which businesses need to carefully consider how they protect all forms of data. This extends to business phone services, as organizations implementing any type of phone system face security challenges.
VoIP solves many of the traditional security problems that organizations face in the telephony sphere. However, VoIP also presents some security challenges of its own. A recent TechTarget report said that leading VoIP providers are already building solutions that resolve these issues.
Looking at VoIP security problems
VoIP does resolve some traditional telephony issues, but moving voice content through the enterprise network exposes it to all of the threats that businesses normally face in the network. Michael Brandenburg, industry analyst for Frost & Sullivan, explained that the rising popularity of VoIP solutions is creating a situation in which organizations must be more prepared to protect voice data.
"When very few [businesses] were using VoIP, there was security through obscurity," Brandenburg told TechTarget. "But there is much more of an opportunity for hacking and security breaches coming down the road as VoIP and SIP trunks replace the PSTN – and enterprises need to be aware of this change."
The report explained that toll fraud issues are heightened in a VoIP environment. Traditionally, organizations experiencing toll fraud have only needed to worry about heavier bills because the phone network was completely segregated from the voice network. Integrating the connectivity infrastructure has created an environment in which hackers that access the PBX can use that for more nefarious purposes than placing unauthorized long-distance calls.
While these security issues may be daunting, it is important that businesses realize that measures can be put in place to resolve VoIP data protection problems.
What businesses can do to protect VoIP data
Industry expert Mike Storella told the news source that businesses can make strides on their own to protect VoIP data. Doing this hinges on establishing the same best practices in business phone systems that organizations build elsewhere. One key area for such innovation, Storella explained, is in password protection. Companies need to be sure to establish policies to ensure users deploy effective passwords and change them frequently. Furthermore, companies need to make sure users change default passwords on VoIP phones.
What VoIP providers are doing to improve security
IP-based telephony systems depend on better protection on the edge of the network. Brandenburg told TechTarget that leading IP telephony providers are using enterprise session border controllers to ensure data is kept safe at the edge of the network.
Safeguarding the network is only one component of data protection, and businesses need to have plans in place in case voice data is compromised. Industry expert Kevin Roarty explained that encryption is rising across the entire VoIP sector to ensure that data is kept safe even when security problems arise.
"If voice or video traffic is going out to the Internet, we need to make sure those streams are protected and not available to the wrong person," Roarty told the news source.
Expanding security excellence throughout the telephony setup
Encryption and network security solutions can safeguard voice data, but that is not the only way to use those technologies in the telephony sphere. As companies transition to IP-based traffic they can also move their fax services to the Internet. Doing so can reduce expenses and provide the same benefits organizations get when they use VoIP solutions. Some leader IP telephony vendors have begun implementing advanced security controls not just for voice, but also for fax services, positioning organizations of all sizes to leverage the technology effectively.