Your VoIP calls might need additional protection

  • Segment VOIP traffic using VLAN

  • Encrypt VOIP data

  • Make users aware of the security issues around VOIP

Voice over IP (VoIP) phone systems have become a mainstay for enterprises. They offer a range of features that can be integrated with existing company systems to create an infrastructure in which multiple communication methods – including voice, text, chat, email, and video – form a single, extensible platform. Such integrated systems facilitate collaboration, whether participants are across the aisle or around the globe, but carry the risk that access to one part of the system may allow access to other areas that house sensitive information.

The prevalence of VoIP for both business and personal voice calls has dulled our caution regarding the security of our phone calls. However, VoIP phone conversations can be intercepted, recorded, and analyzed by determined hackers. The stakes are at least as high for voice conversations as they are for data because the telephone has been considered to be normal communication for decades. Until recent advances in speech recognition technology, automating the extraction of information from voice conversations was a manual process. Now that entire conversations can be converted to text with high accuracy, email and voice communication can be assumed to be equally revealing.

Your organization’s VoIP system may be well protected but the risks are significant and call for a concerted effort to assure conversations are accessed by only those intended to participate. The first line of defense should be to segment all VoIP traffic on a virtual Local Area Network (VLAN) so that it is not intermingled with other kinds of data traffic that may not require the same level of security. In addition, all VoIP calls should be encrypted using the Secure Real-time Transport Protocol (SRTP).

In addition to VLAN segmentation and real-time encryption, consider these steps to minimize the impact of breaches through your VoIP network:

  • Make encryption multi-layered and specific to protect the network segment, the devices themselves, and the user interface
  • Inform users about built-in security features that exist within their phones, and how to use them
  • Enforce strong passwords on user accounts and voicemail boxes
  • Train users to look for and report suspicious incidents
  • Ask users to delete voicemail as soon as possible

The most important safeguard? Treat your voice network with the same level of security awareness as your enterprise data network.

Read more about AT&T’s Hosted VoIP solutions.

Scott Koegler is a technology journalist with a specialization on the intersection of business and technology. All opinions are his own. AT&T has sponsored this blog post.

Scott Koegler Writer Sponsored Post About Scott