By: Shawn Augenstein

September 1st, 2015

As one of IntelePeer's engineers, I take the security of our customers' information and systems very seriously. Telephony using Voice over IP solutions delivers many benefits including cost savings and increased flexibility, but as with much of today's technologies, there are security threats that must be considered. We've compiled some of the best advice from service providers, security experts and vendors to create a best practices guide for minimizing your security risks in VoIP environments.

Before implementing a VoIP PBX system, know that maintaining a secure environment requires due-diligence and that pre-cautionary steps and regular daily checks must be taken to protect your business environment.

Because a PBX can make almost unlimited chargeable calls very quickly, it has become a profitable target for professional hackers. Hackers continuously scan VoIP PBXs for weaknesses and engineers who specialize in VoIP security can setup measures to ensure PBX security and prevent such risks.

There are industrial-grade scanners operating around the clock to find and exploit unsecured IP-PBXs and hosted handsets. Like any PC or Network with direct Internet access, an IP-PBX must be secured against malicious attacks before deployment. Security issues and attacks such as call interception, Spamming over Internet Telephony and Denial of Service can be devastating and prevent the network and your calls from functioning properly.

Security Best Practices

Attack on voice systems is nothing new. Hackers have been attacking company telephone systems for decades, even before VoIP came along. An attacker may just be attempting to get some free long distance calls for himself, but there are also organized criminals who want to use your telephone system to route international calls at your cost. Some may route calls to premium rate numbers to make money. In any case, the result is the same: your phone bill is increased and the money is in their pocket.

To ensure VoIP security, you should first safeguard yourself with adequate network security. Contrary to some opinions, Session Border Controllers (SBCs) are the best edge device for security in VoIP deployments. SBCs are developed explicitly for voice traffic and have the same built in security features as a standard network firewall.

As a best practice, it's important to secure all VoIP devices and systems that have a configuration interface; including: phones, PBXs, IP Phones, Soft Clients, workstations and other network devices. Additional security measures include the use of strong passwords on VoIP phones, the deployment of a Virtual Private Network (VPN) for remote users, and keeping systems up-to-date with operating system patches.

Rely on your Service Provider

In most IP-PBX attacks, the motive is fraud. If your IP-PBX has been compromised any local policies you have in place to restrict calls will almost certainly be rendered useless. Therefore, it is important to work with your service provider to add an additional, external layer of protection.

IntelePeer is well-versed in the area of security and has a number of safeguards in place to help combat fraud. We support the security of our customers through our Fraud Alert network alarms and our Operations Group actively searches for security breaches.

Follow our checklist to ensure the security of your server, passwords and access meet industry standards and that you have the right security guards in place and there is a backup routine in place. This combined with the support of your service provider will help you be well protected from fraud and alleviate your security concerns.