Minimize data loss due to security threats by making sure you have the right measures in place
A couple weeks ago, Dawn Brister discussed the four most common threats to your IP phone system. Now that you know what the risks are, it’s time talk about how to protect your voice-over-IP (VoIP) network.
VoIP offers plenty of benefits to small businesses; unfortunately, it also presents many opportunities for hackers to cause harm to your voice network. IP-based voice networks are vulnerable to the same risks as data networks. But you can use many of the same security techniques and technologies for your VoIP network that you may already be using on your data network.
The Information Systems Control Journal of ISACA, an independent association that provides education on information systems assurance and security, has a useful article about security within VoIP networks.
Following are six tips for securing your VoIP network and voice data:
- Lock up your servers: As with your servers and other central IT equipment, make sure your VoIP servers are under lock and key.
- Encrypt voice traffic: To avoid unauthorized access to calls and unauthorized changes to voice messages and other VoIP content, encrypt your voice traffic. All good VoIP systems should have built-in encryption capabilities to protect against such threats as man-in-the-middle attacks and unauthorized snooping of voice data.
- Install firewalls: Since VoIP traffic and data traffic all travel on the same physical network, protecting your data network helps protect your VoIP network. For example, the Cisco SA500 Series Security Appliances and Unified Communications 500 Series have security features to protect the entire network, both voice and data traffic, and use VLANs to virtually separate the two traffic flows from each other on the same physical network.
- Separate voice and data traffic: The ISACA Journal article recommends using separate servers for your voice and data traffic. This way, you can minimize the risk of voice and data loss in the event that your business is the target of a distributed-denial-of-service attack.
- Filter unauthorized traffic: Configure your switches, routers and firewalls to monitor and filter your network for unusual voice and data activities. For example, voice traffic should not be allowed on your data network and vice versa.
- Setup dial plans and user profiles: You can use VoIP system features to identify users, the type of calls being made and restrict unwanted traffic, such as outbound international calls. Traffic limits can also be set to ensure call quality and maximum voice and data network performance. These features can also be set to log caller activities and events.
In addition to these measures, you should also put strong passwords in place for your VoIP servers. You should also make sure you to sign up for updates to your VoIP server operating system from the manufacturer. These updates often fix security vulnerabilities that may have been found in the software and should be installed as soon as you receive the alerts.
Following these steps should protect your voice data and ensure that your VoIP network runs smoothly. What measures have you employed to secure your VoIP network?