Problems With VoIP Security
What problems with VoIP Security should you expect when moving to the cloud? If you’re thinking of making the switch, you need to know how to keep your VoIP connection safe and secure. In this article, we’ll discuss the top five problems with VoIP security, and how you can prevent them.
Problems With VoIP Security
Although there have been cyber attacks in recent years, it shouldn’t stop you from reaping the benefits of VoIP services for your business. VoIP offers many advantages at a much lower cost. However, like any traditional system of telecommunication or computing, there are certain risks that can need to be covered in order to avoid vulnerabilities. Here are five problems with VoIP security and how you can keep your connection secure from hackers.
5 Tips to Prevent VoIP Security Problems
1. Strong Password
There are many ways to address security threats against VoIP. The easiest way to improve your VoIP security is to set up a strong password. We suggest a minimum length of 16 characters, including numbers, symbols, and uppercase and lowercase letters. Also, do not use a password generator, as there are many available online today. These passwords may be saved to a database that can be accessed by cyber criminals, so we do not suggest using them. Changing your password every 60-90 days can also reduce the risk of security breaches.
2. Install Security Software
Installing specialized security equipment or software is essential to keep your system secure. If your server is an Asterisk, we recommend implementing fail2ban. Fail2ban is able to reduce the rate of incorrect authentication attempts. If configured, it can check login and registering errors on your system and ban all those who are trying to brute force the peer password, inject malicious traffic and try to register peers with wrong credentials.
There are open source IPS IDS Versions like SNORT, Suricata, OSSEC or Bro that can be implemented on your networks to discover any suspicious activity that may affect the integrity of your systems.
3. Security Scans
There are a collection of hacking tools on the market for testing the security of networks, public servers, websites or people. If you have a PBX or IP PBX on a public network, it may be a good idea to run a free scan for possible vulnerabilities. Qualys provides free scans on your networks, servers, desktops or web apps for security vulnerabilities. Scanning takes only a few minutes to find out if you’re at risk. Similar to Qualys, Scamnyserver.com will scan your website and provide you with a list of situations or risk that you may need to take control over.
It is important to take appropriate precautions in order to prevent your server from becoming compromised. Below are a list of websites that offer the latest solutions to vulnerabilities and risk discovered that can be patched or fixed.
Zero Day Initiative
CVE Details
US-Cert
4. Restrict Access
If your staff only need to call at the USA and UK there is no need to open all international networks. Instead, create rules to drop any invite to international networks. Restrict the access to international networks from unauthorized internal PBX Extensions will reduce in call fraud and hackers. Also, use PIN’s to allow access to international networks.
5. Backups
Its is important to have back up solution, in the case that your server is to get compromised. Do not put yourself in the situation of losing data that can kill your company- such as big data, source code, customer account information, financial data, or other operational data. There are great backup and recovery options to help protect your intellectual property but have limited budgets. Regardless of whether you are using a desktop backups or corporate network-based solutions, there are really only three types of backups: manual file by file backup, mirrored backup, and full backups.
1. Manual Backups
Manual Backups are for your laptop and big external drives, such as LaCie, Maxtor, Western Digital or other external drives in the 250GB to 2TB. You can use a utility to copy over important files to the external hard drive. Manual backups are quick and easy for basic daily backup of your laptop. Files pile up on the backup, so that almost everything can be recovered.
2. Mirrored Backups
Mirrored Backups use a disk to mirror selected folders from your laptop drive, or to mirror your entire laptop drive, to an external drive. These backups are great to have a complete, bootable copy of your laptop hard drive. Many good utilities are available for Mac and PC to automatically create or update your mirrored copy daily. If your hard drive dies, you can often boot off the external drive.
3. Full Backups
Full backups are used for primary backup or moving archive. With a big enough disk, you can restore any file or folder to the way it was up to two or three years. Backup is automatic and silent and recovery is easy, just drag or tag the files you want to restore. However, this will require a quality backup tool that may take a while to configure the first time. If you are a start-up company, you’ll want your IT person to set up and check desktop backups the first time.
Backups Tools and Vendors:
Amazon AWS Offsite Backup and Storage
Apple Time Machine
Barracuda
Carbon Copy Cloner
Carbonite
Google Cloud Storage
IDrive
Mozy
Symantec
Additional VoIP Security Tips:
1. Always change your default password, no matter what PBX system, it will be better protected by implementing this process.
2. Never locate phone extensions on places where it has not been monitored.
3. Do not use DISA. If you do decide to use them, use a very strong password and make sure to have it changed every month.
4. Secure your IVR by hanging up calls after failed attempts to access any non existing route.
5. Educate your own staff about cyber security. Youtube offers several videos to gain your staffs attention.
Like Our Blog? Share the love!
