PhoneSuite - Blog

The Security Behind VoIP

Written by Aimee Meester | Fri, Feb 28, 2014 @ 09:00 PM

As people continue to accept Voice over Internet Protocol (VoIP) telephony, a growing number of networks and legacy systems are connecting with Internet Service Providers as a means of reducing costs while upgrading to better, more advanced phone features. But while businesses are excited about all that VoIP has to offer, there are still some questions with regards to security. How safe and secure is VoIP telephony, anyway?

It's very important that business owners understand what security risks may exist, and how they can be avoided. First, you must consider that even though the voice aspect of VoIP is the most important part of user experience and service expectations, the IP part is critical in terms of data security. And as with any computer, your network's infrastructure can be attacked without the proper precautions.
VoIP presents a unique set of security challenges, but these challenges can be overcome with a bit of careful planning. Here are a few tips for securing your hotel's VoIP phone system:

  • Give thought to the VoIP protocols you choose - The various protocols and vendors for VoIP equipment all come with their advantages and disadvantages. Before making a decision, make sure that the equipment will meet your specific needs, not the other way around. Having exactly what you need and what you can understand will reduce security risks.
  • Turn off unused protocols - There are plenty of unknown variables that could be exploited with the protocols that you do use, so why would you set yourself up for more risk by enabling protocols and services that you aren't using?
  • Monitor carefully - Always remember that, like a computer, each element in your VoIP infrastructure could be attacked if not properly monitored. Work with a service provider who can keep an eye on your hotel's phone system around the clock.
  • Divide and conquer - Minimize risks by separating your VoIP and other IP-based infrastructure by means of either physical or logical separators. It's also wise to separate VoIP servers from the internal network. This is because there are several security devices that aren't fully able to interpret VoIP signaling commands. This can open dynamic communications ports, making your network somewhat vulnerable to bounce attacks.
  • Authenticate remote terminals - It is possible to upgrade and manage VoIP terminals from a remote location. Be sure to authenticate IP addresses and unique user names for authorized personnel to avoid allowing hackers to access or manage your services.
  • Track the communications ports - Your hotel's VoIP security system should be able to track communications ports. The system should read inside signaling packets as a means of discovering which ports are selected and to enable two endpoints to transmit media packets to one another. The system should also have the ability to understand and enforce the proper chain of operations. 
  • Utilize NAT - Network Address Translation (NAT) is able to convert internal IP addresses into a globally unique IP address for routing via the Web. The additional benefit of hiding the network is invaluable. The only time you should not use NAT is if your VoIP provider informs you that it will cause a special problem with the network.
  • Security system checks - Utilize a security system that is able to look into the VoIP stream, analyze the state of the call, and check it for service content as a means of ensuring that all parameters are consistent with your hotel's needs.

 

When all has been said and done, reliable VoIP phone service providers for hotels will have a strong plan in place to secure your network. By working with the best and taking precautions, you can enjoy VoIP with confidence.