Home > Unified Communications (IPT) > Protect Your VoIP System from Fraud

Protect Your VoIP System from Fraud

If your implemented VoIP system was exposed to fraud, would you know it? According to many experts, instances of VoIP fraud, or what is now termed “phone phreaking” in which hackers manipulate the switches and settings in a phone system, is on the rise.

As reported by cloud expert Jeffrey Kahn, three Australian business’ enterprise VoIP networks were recently compromised after they failed to change passwords and cap international calls. This neglect eventually led to opportunists hacking their VoIP networks and thus flushing them out of a whopping $49,200.

Because the majority of VoIP networks interface directly with a data network, a poorly designed network can expose a business to denial-of-service attacks, fraud, computer viruses, spam and eavesdropping. Luckily, there are precautionary steps businesses can take to thwart the potentially costly devastation caused by this recent VoIP plague sweeping the globe.

First and foremost, go with hosted VoIP: The more equipment and hardware a business has in-house, the more susceptible it is to potential fraud. Therefore, a hosted VoIP solution can prevent vulnerabilities as the softswitch is already in a secure data center as opposed to a random office space. Of course, it is important to ensure the hosted VoIP provider you choose has robust security measures in place. A hosting service provider will also be sure to keep up with security updates.

Separate VoIP and UC network traffic: A network can be protected once this traffic is separated into three planes, with their own dedicated protocols. Kahn also recommends encrypting protocol data between the endpoints.

Demarcation points: Normally implemented through data firewall devices, demarcation points between “trusted” and “untrusted” domains can ensure network security. Kahn recommends using enterprise session border controllers (E-SBC) for VoIP, however, as it performs various functions including protocol mediation, media transcoding, and overseeing interoperability between different vendors’ VoIP and legacy TDM kits. E-SBC deployment also comes with DoS attack prevention, call admission control, and signaling and media encryption.

Protect endpoint devices: As the Australian businesses learned, it’s pertinent that passwords of all the components of a system are changed.

Use VLANs: In order to fend off a DoS attack, businesses should opt for a VLAN or intrusion prevention systems for extra precaution.

Enforce a security policy: To ensure users don’t fall for phishing scams and/or participate in activities that could compromise network security, users must be aware of certain regulations, for example, keeping passwords secret and knowing what applications are safe to download.

originally posted at: http://hosted-voip.tmcnet.com/topics/hosted-voip/articles/211340-protect-voip-system-from-fraud.htm

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: