Protection for VoIP calling

VoIP technology is by now the standard in telephony. This technology  sends your voice in a data packet over the lines using the Internet Protocol (IP). VoIP phone systems are therefore nothing more than computers with special functions. But, like any computer, the system needs protection from attackers.

Risks to VoIP phone systems

VoIP uses an open IP network for transmissions. In other words, voice communication shares its data streams with email and websites. 

  • The biggest threats arise when a third party invades one of the components involved. There are many dangerous scenarios: The intruder might be calling at someone else’s cost, eavesdropping on conversations, or scanning your connection data or contacts. 
  • “Man-in-the-middle” attacks represent an equally grave risk. Attackers insert themselves between the two people in the conversation without their knowledge and have complete control over data transfers. They can see information or even fake someone else’s identity.
  •  Attackers can also cause damage indirectly. By recording telephone calls, they can later generate entire dialogs that can then be used to purchase goods from electronic order systems, for example.

How to protect your VoIP phone system

  • Watch for initial signs:
    • If you have problems accessing voice mail messages or the line suddenly appears to be busy, you should not simply ignore it. Have a technician  look into this to rule out any misuse.
    • Another red flag for hacking attempts can be a short, frequent ring on an extension. 
    • It is also a good idea to look regularly at the system log. Multiple calls that are unusually short or frequent calls from toll-free numbers may be caused by manipulation, but not necessarily. 
  • Assign individual passwords or PINs. 
    After installation of the phone system, you should set aall default passwords individually. Avoid PINs that match the number of the extension or simple codes such as 12345. Mailbox passwords should ideally be changed on a regular basis. . 
  • Restrict access to the system administration.
    This applies to both business and home systems. As few people as possible should have direct access to the phone system, and that means both physical access and access to internal functions. The phone system should be kept in a room that can be locked. In businesses, only trustworthy and trained staff should have access to the system’s setup functions or functions for entering user data. At home, it is helpful to set up an admin password. 
  • Disable unused answering machines.
    It is best to disable all voice mail inboxes in the system that are not assigned to a user or an extension. For businesses, this means that when an employee leaves, their voice mail inbox should be deleted. 
  • Turn off unnecessary functions.
    Have all functions that you don't need switched off or disable them yourself. This goes for functions such as the ability to log in from anywhere, which is available in many systems. Functions that allow remote access to the system or its core functions also present a security risk. 
  • Use number lists.
    As with smartphones, minimize potential damages by blocking phone numbers or prefixes of toll-free numbers. Phone systems usually offer the option to create both blacklists and whitelists. A blacklist only blocks numbers that have been saved to the list. All other parties can be called. Whitelists reject all numbers unless they are on the list.
  • Disable keyboard sounds: 
    If technically available in the system, sounds that confirm key presses when a PIN is entered should be switched off. If the sounds are being recorded by a hacker, it is relatively easy to gain access to the voice mailbox.
  • Install patches:
    The more recent, the better. Patches and updates supplied by the provider should be installed immediately after the provider makes them available. This usually eliminates any security loopholes.
  • Secure the entire network!
    In businesses, the VoIP system is part of the corporate network. It must be protected across the board. This includes a correctly configured firewall that works correctly with VoIP data. You can find tips for your home network in the Wi-Fi chapter.

Was this content helpful to you?

Further reading