When Voice over IP first emerged, there was little consideration given to security matters, with most users focusing on cost, reliability and features. But now that VoIP has gained mainstream acceptance, security has become a critical concern. This is especially relevant as VoIP rapidly takes over from one of the world’s most secure communications systems – the traditional telephone service.
The threats faced by VoIP users are diverse and pervasive. In contrast to traditional telephone numbers, there's little centralized control of IP addresses. This anonymity makes address spoofing easy, and means VoIP is vulnerable to the same intrinsic security threats that all IP applications face.
Electronic eavesdropping, packet sniffing, service theft, malware, denial of service, call tampering, call hijacking, man-in-the-middle attacks and voicemail spamming are just some of the dangers to your business. These attacks may be launched from compromised devices both outside and within your network, including IP handsets, laptops, and even printers. Your IP phones are simply another potential entry point into your business network.
To modern cybercriminals, eavesdropping on phone calls and hacking voicemail messages can be a lucrative venture once they gain access to sensitive business information, credit card details, or corporate secrets. Toll fraud is also a financially rewarding endeavor for global phone pirates who on-sell the illicit use of your VoIP service to unsuspecting consumers.
A Robust Network Security Policy is Your Best Defense
The good news is that these risks can be mitigated or prevented by ensuring a robust network security policy is in place. An important first step is to implement a LAN authentication scheme encompassing users and devices. If your company uses an authentication standard like 802.1X, this will be insufficient because IP phones are unlikely to support the necessary 802.1X supplicant. A better approach is to ensure you're aware of all non-user devices connecting to your network, and use an authentication method that allows you to whitelist specific known devices, or identify them automatically using reverse DNS.
Then you'll need to assign roles and access rights to devices. For example, you could assign VoIP handsets to a VoIP role and specify that those handsets may only communicate with your call processor. This would prevent direct communication between a handset and another user device on your network. You could even go further and implement a policy that says devices in the VoIP role may only communicate using the H.323 and SIP protocols, to further safeguard against data-based attacks.
These policies can be implemented on LAN switches and are very effective in preventing phones and other devices from becoming a source of attack. A compromised handset that had been loaded with vulnerability scanning software would be unable to scan your entire network for open ports, or attack the call processor using a non-voice protocol. It's important to apply these protection measures at the user edge of your LAN in order to halt malicious traffic flows at their source.
You can also set up firewalls and intrusion prevention systems to monitor and filter VoIP traffic, and to track unusual voice activity. Sensitive voice traffic can be encrypted, and you can use VLANS to segment voice traffic and keep it separate from data traffic, adding another layer of defense. Finally, keep your operating systems up to date, and restrict the ability for users to upload software to phones.
To reduce the risk of toll fraud, your dial plan can be configured to restrict permitted call types by destination, device, user, time of day and various other criteria. Voice network access may also be restricted by device or by username and password.
Is VoIP Really Secure?
In some ways, VoIP is inherently more secure than traditional phone services, and certainly more secure than your cellphone. Consider for example what it takes to tap a legacy phone line. If the call is in analog format, an intruder simply taps into the line using a lineman’s butt set. Even picking out a specific conversation from a time-division multiplexed trunk group is relatively simple. Now compare that with isolating a conversation from an IP transmission, where packets are buried within a protocol stack and the intruder must decode the IP layer and transport layer before decoding the voice packets – all in real time.
In fact, it’s much easier to eavesdrop on a conversation over an office cubicle partition or in a public space than it is to intercept a VoIP call. So in addition to implementing a network security policy, it’s wise to remind your employees to take simple precautions like not discussing confidential business matters in a crowded location, and deleting sensitive voicemail messages when no longer needed. Physical security is equally important, and it’s a good idea to ensure your VoIP equipment cannot be easily accessed by unauthorized personnel.
Hosted VoIP Security Considerations
If you’re using a hosted VoIP system, investigate your service provider to ensure they have provisioned your service with security in mind. Back-end components like call processors, gateways, routers, and firewalls will be housed in the provider’s premises, so check whether they run a secure network operation facility.
In addition to ensuring all VoIP hardware and software is properly secured, your provider must guarantee that critical services like E911 are enabled correctly. You should also assess your provider’s security offerings such as user authentication, IPSec, SRTP, encryption, VLAN configuration, access control lists and signaling security. Finally, you may wish to evaluate any SOX, HIPAA or other compliance regulations that might apply.