Security is one of the biggest concerns for companies who are not only thinking about switching to VoIP (Voice Over Internet Protocol), but even for businesses who have already made that switch. According to Spiceworks' data, 92% of IT pros have shown their concerns over security risks associated with using public WiFi on company-owned devices. For cybercriminals eavesdropping on voice and video calls is lucrative as it gives them an access to private business information and secrets. A rogue user can forge his way easily into the call control in the SIP gateway and con away thousands of dollars in calls to various countries across the globe. And not to mention the colossal damage to the company and its clients, causing image impairment and legal troubles resulting in big financial losses. So how can you mitigate the risks? Can you trust your VoIP system?
Make your VoIP more secure by following these effective strategies:
Choosing the right VoIP provider
All VoIP providers offer standard VoIP services- SIP trunking, DID numbers, etc. But are they implementing the right security measures suitable for your requirements? If your business has higher requirements/standards for secure communication and privacy, can they also provide encrypted phone calls as an extended service? It’s an important feature to consider while choosing a provider. Evaluate your service provider on services such as VLAN configuration, user authentication and encryption, as well as the security of configuring and signaling methods. The ideal adoption would be the one that helps you achieve maximum call security while being compatible with your existing infrastructure and communication protocols across networks.
Using security encryption protocols
Though a number of industry protocols ensure secure VoIP calls, the ones crucial for SMB & enterprise communications are:
1. The TLS Protocol
TLS (Transport Layer Security) is an encryption protocol designed to secure/encrypt SIP messages sent by a softphone or a PBX. More simply, it protects communications that occur between an application (usually your browser) and a server. TLS is a must for enterprise security because:
- it encrypts SIP messages so that they cannot be intercepted, read, or altered by cybercriminals
- In stricter jurisdictions, TLS enables unlocking of VoIP on many mobile networks where it could be blocked by default
- as Google is pushing for increased security by implementing HTTPS in all websites, TLS is vital for SMBs as it allows for adopting HTTPS (also known as HTTP over TLS, or Transport Layer Security), on their website
- lets you solve the NAT (Network Address Translation) traversal problems for SIP-based VoIP phones
2. The SRTP Protocol
Developed by Ericsson and Cisco in 2004, SRTP (Secure Real-Time Transport Protocol) is another cryptographic protocol that protects Real-time Transport Protocol (RTP) data by encrypting each individual packet, irrespective of whether the application is unicast (between an application and a server) or multicast (one-to-many, or many-to-many). If TLS is a protective tunnel, SRTP enhances security. It also has other benefits:
- enables additional encryption to protect data travel within the TLS tunnel
- ensures that no party can intercept, read, and alter the audio stream during the call
- natively supported by many VoIP devices, also can be configured for support
- involves less overhead than IPsec protocols
- does not alter voice quality
By combining these two standard protocols, you can protect your company's voice and business assets in the safest ways possible. Benefit from these two universally standardized security standards and enjoy hassle-free, encrypted communications.
At CounterPath, we ensure that our desktop and mobile softphones feature the highest levels of security. We implement both these security protocols and provide VoIP security solutions and services that enable users to engage with their customers, easily and securely, across channels. Protecting your organization’s VoIP solution is our foremost priority. To learn more about the security protocols that our softphones and server applications use: