Substituting one technology for another is a common practice in enterprise environments today. Advancements, new capabilities and better functionality make updates and upgrades a common phenomenon. One change that continues to draw attention is the replacement of the analog landline with voice over Internet Protocol (VoIP).
VoIP delivers considerable benefits for both businesses and consumers, eliminating the high long-distance charges that traditionally accompany nationwide calling and streamlining all communications across one platform. But just like other Internet technologies, VoIP systems can be a point of vulnerability, attracting hackers who are looking to get something for nothing. Unfortunately, the same tools and techniques used to hack into the enterprise network can now be applied to VoIP connections.
For a number of years, this wasn’t a problem. A recent Tech Target (News - Alert) article highlighted how companies using VoIP were able to hide behind a veil of obscurity. Simply put, not many companies were using VoIP yet, and it just wasn’t on the radar for hackers. As VoIP and SIP trunks increasingly replace the PSTN, however, a new door for malicious entry is being created.
This doesn’t mean that companies shouldn’t take advantage of the benefits associated with VoIP; it simply means that they need to be aware of the increased vulnerabilities and take the necessary steps to protect their networks, applications and users. While VoIP hacking is certainly possible, there are plenty of tools and security measures available to prevent it.
The growing usage of VoIP is drawing the attention of hackers who may have previously met with iron-clad firewalls on the network side but now find VoIP as a potentially unguarded attack vector. If the enterprise or small business hasn’t taken the necessary step to protect itself against such intrusion, the VoIP system and the network itself is at risk. As such, IT managers need to work with their VoIP provider to ensure the system is well-protected against these intruders.
There are several best practices for VoIP security, which should be studied and followed thoroughly. The first step, of course, is recognizing that vulnerabilities exist and taking the necessary steps to shore up potential entry points. From there, encryption, authentication and plain common sense can go a long way to protect the value of your VoIP system.
Edited by Blaise McNamee