As the world moves away from traditional landline phone service (especially the business world) and more people and businesses embrace VoIP and SIP technology, those making the switch will be presented with new opportunities, but also new risks.
A recent NY Times article highlighted some horror stories businesses need to keep in mind as they transition their phone networks to the Internet. Landlines are dying and VoIP/SIP is the way of the future, so just you shouldn’t discontinue Internet service from your business because it’s susceptible to cyber attack, you shouldn’t shy away from VoIP because it’s susceptible to the same security risks.
My point in telling you all of this is to emphasize the importance of taking phone security just as seriously as you do your computer systems.
So how can you protect your phone system? The NY Times story offers a couple of suggestions worth expanding on:
- The first thing to keep in mind is making sure each user sets up a strong voicemail password. Voicemail passwords are typically the gateway to all the phone’s features, including call forwarding. It’s important your organization really educate and enforce this policy.
- Similarly, call forwarding features, need to be be turned off or restricted to those accounts that actually need the feature, and strong access controls need to be implemented as well. Since many cases of network hacking make their money off of forwarding calls to international destinations, it’s imperative that feature be limited to only the select few employees (if any) that need it .
- Secure SIP credentials are also a must. Don’t use the same password for every device, portal or feature associated with your phone network.
- Beyond what you can do in the office, your carrier should have strong fraud monitoring provisions in place to keep an eye on your network. If not, then find a carrier that does.
If you want to truly get the most out of technology -- any technology -- the easiest first step is mitigating risks. Don’t forget about your phone system when looking at cyber security plans and measures. Apply these strategies to your phone system and you’ll make it a lot harder for cyber criminals to target your business.