VoIP is not new, but for organizations still reliant on the public switched telephone network (PSTN), making the upgrade to internet-routed telephony can still feel like a huge step up, even in 2018 and beyond. Long-distance calls over VoIP are much cheaper and higher-quality than ones over PSTN. Plus, they can be processed through a more comprehensive unified communications (UC) solution that also includes video conferencing, visual voicemail, call recording, remote device configuration, integrated fax services and much more.
At the same time, using VoIP requires careful considerations of the associated risks. As an internet-connected service, VoIP is potentially vulnerable to several significant threats, including:
- Toll fraud: Since VoIP allows for many more concurrent calls than traditional phone lines, it's possible for hackers to run up astronomical bills by dialing premium-rate numbers of routing traffic through expensive intermediaries.
- Eavesdropping: VoIP calls are ultimately just data packets, like anything else passing over IP networks. Without encryption, they are vulnerable to interception by third-parties that might use stolen information for identity theft.
- Spam: Like email servers, VoIP systems can be used for mass distribution of spam. The Federal Trade Commission documented a jump from 3.5 million to 5.3 million complaints about unwanted telemarketing calls from 2015 to 2016; VoIP has undoubtedly contributed to this spike.
Fortunately, you have options for pushing back against these threats. Here are a few to take to heart:
Regularly audit all of your configurations
Leaving default VoIP system settings in place can leave you exposed to harm. Be sure to routinely check how you're authenticating users, encrypting traffic and setting up VLANs, as any oversight in these domains could precipitate a breach.
Establish criteria for calls made within your VoIP/UC deployment
Toll fraud is closely associated with specific numbers and countries. It's a good idea to restrict calls to a whitelist of approved domains and to set additional call criteria limiting which devices may make calls and at what times of the day.
Implement a network defense strategy
Firewalls and intrusion prevention systems can help keep out unauthorized individuals. Moreover, applying software updates (especially patches) and ditching any unsupported hardware will further reduce risk.
Work with a trusted UC partner
Teo Technologies provides premises-based as well as cloud UC solutions. Through our experience and expertise in the field, we will ensure your deployment is both efficient and secure. Reach out to our team today to get started.