6 Steps to SIP trunking security. How securing your network secures your phone lines.

Similar documents
Server Security. Contents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Aliases 4

VOIP THE ULTIMATE GUIDE VERSION /23/2014 onevoiceinc.com

Avaya G700 Media Gateway Security - Issue 1.0

Intelligent SIP trunking for experts. Service guide

SIP Trunking with Microsoft Office Communication Server 2007 R2

Bridgit Conferencing Software: Security, Firewalls, Bandwidth and Scalability

Police. 21st Century Security Problem for Police Authorities.

Grandstream Networks, Inc. UCM6100 Security Manual

Security & Encryption

CHAPTER 1 INTRODUCTION

Building the Lync Security Eco System in the Cloud Fact Sheet.

Avaya TM G700 Media Gateway Security. White Paper

Ingate Firewall/SIParator SIP Security for the Enterprise

Release Notes for NeoGate TE X

FREQUENTLY ASKED QUESTIONS

OfficeMaster Gate (Virtual) Enterprise Session Border Controller for Microsoft Lync Server. Quick Start Guide

Copyright ZYCOO All Rights Reserved 1 / 8

BlackBerry Mobile Voice System

Configuring Positron s V114 as a VoIP gateway for a 3cx system

Security. CLOUD VIDEO CONFERENCING AND CALLING Whitepaper. October Page 1 of 9

OpenScape Business V2

How To Protect A Wireless Lan From A Rogue Access Point

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

Securing Unified Communications for Healthcare

Recommendations for secure deployment of an IP-PBX

Quick Install Guide. Packet8 Response Point Adapter (RPA) Version 2.0 (SP2)

VoIPon Tel: +44 (0) Fax: +44 (0)

SIP Trunking Configuration with

How To Secure A Voice Over Internet Protocol (Voip) From A Cyber Attack

Network Segmentation

WHAT THE FRAUD? A Look at Telecommunications Fraud and Its Impacts

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

SIP Security Controllers. Product Overview

FAQ - Features Question Question Question Question Question Question

Configuring Quadro IP PBXs with "SIP Connect"

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Oracle s Solution for Secure Remote Workers. Providing Protected Access to Enterprise Communications

Yes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD

Securing SIP Trunks APPLICATION NOTE.

How To Protect Your Network From A Hacker Attack On Zcoo Ip Phx From A Pbx From An Ip Phone From A Cell Phone From An Uniden Ip Pho From A Sim Sims (For A Sims) From A

Application Note Configuring the Synapse SB67070 SIP Gateway for Broadvox GO! SIP Trunking

Network Connection Considerations for Microsoft Response Point 1.0 Service Pack 2

VoIP Security regarding the Open Source Software Asterisk

Implementation Guide

VoIP Resilience and Security Jim Credland

Mitigating the Security Risks of Unified Communications

IP Office Avaya Radvision Interoperation Notes

FAQ - Device Question Can I forward calls to my mobile device? Question Can I have my greetings professionally recorded?

Asterisk: The Future of Your Phone Service

Villains and Voice Over IP

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

Business Telephony Security

HOW WE DELIVER A SECURE & ROBUST HOSTED TELEPHONY SOLUTION

Recommended IP Telephony Architecture

8 REASONS MORE COMPANIES ARE MOVING THEIR BUSINESS PHONES TO THE CLOUD

Security and Risk Analysis of VoIP Networks

VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======

8 Steps For Network Security Protection

Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios

Best Practices for PCI DSS V3.0 Network Security Compliance

Skype Connect User Guide

Voice over IP (VoIP) Vulnerabilities

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

Extension Manual User portal, Dial codes & Voice mail for 3CX Phone System Version 6.0

Understand SIP trunk and registration in DWG gateway Version: 1.0 Dinstar Technologies Co., Ltd. Date:

Ram Dantu. VOIP: Are We Secured?

Control Panel User Guide

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

Extension Manual. User portal, Dial codes & Voice mail for 3CX Phone System Version 7.0

VoIP Security. Customer Best Practices Guide. August IntelePeer

MyPBX Security Configuration Guide

Common Cyber Threats. Common cyber threats include:

UX5000 with CommPartners SIP Trunks

RemotelyAnywhere. Security Considerations

Whitepaper. The Top 10 Advantages of 3CX Phone System. Why your next phone system should be software based and by 3CX

Written Testimony of John L. Barnes Director of Product Development Verizon Business. Hearing on VoIP: Who Has Jurisdiction to Tax It?

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

Top Three POS System Vulnerabilities Identified to Promote Data Security Awareness

8x8 Virtual Office Mobile User Guide for ios

SIP Trunk Configuration Guide. using

Transcription:

6 Steps to SIP trunking security How securing your network secures your phone lines.

The myths about SIP trunking can be misleading. There are stories that SIP has set off a cyber crime wave of corporate espionage and telephone fraud. They say SIP opens up network vulnerabilities, and that SIP trunking lets anyone listen in on calls. It s not true. The truth about SIP security. SIP trunking is growing in popularity faster than any other toll phone service. Experts project SIP trunking will be the sole PSTN connection in 42% of businesses by 2016*. Beyond cutting costs and adding features, decision makers are sold on SIP trunking s ability to centralize PSTN access, failover instantly, and provision channels as needed to deal with spikes in call volume. They are comfortable implementing SIP because they know it doesn t add vulnerabilities or put their organization at risk for fraud. SIP trunking only transmits information you want to transmit. SIP trunking is not an open door cut into firewalls, it s a controlled 2-way gateway to the PSTN. SIP trunking doesn t make it easier to eavesdrop on call audio. Security is only as good as the weakest link. In most cases, when it comes to information security, organizational networks are the weakest link. SIP trunking security is not only a question securing SIP connections. To keep SIP credentials, and all sensitive information, out of the hands of fraudsters, the entire network must be secured. *http://www.nojitter.com/post/240162594/sip-trunking-research-shows-rapid-growth-through-201 2

Securing IP communications starts with network security. Developments in business communications technology have created new usage patterns that require anywhere, anytime access to internal networks. Cloud-based SaaS, BYOD, and a remote and mobile workforce, are all placing greater demands on network availability while poking holes in network security. Insecure internal and cloud-based networks are the access point fraudsters use to seize control of communications accounts and sensitive corporate data. These six steps will reinforce network fortifications, and save accounting departments from using up the bonus budget to cover fraud liability. 1. Update all software In addition to feature enhancements, software updates are released to patch security vulnerabilities. On a daily basis, people all over the world are working to find weakness in network-based software. When they find it, word spreads fast, and a targeted cyber crime wave ensues. Reputable software companies employ people to find vulnerabilities first, so they can update their product to keep customers safe. It is important to update CRM, UC, PBX, or any other software that run on or access organizational networks. The latest version will be the most secure from attacks. This applies to firmware too. So make sure router firmware is up-to-date. 3

2. Create complex passwords Local network and voice device security is critical when blocking intruders from tapping your calls. Technology exists that can crack a 15 character password in a matter of minutes. It requires far more computing power than is realistically in the hands of attackers, but as Moore s Law states, computers grow more powerful every day. As processors become more powerful, exhaustive brute-force attacks against high-level encryption will become more feasible. An immediate threat is the ability to find dictionary words and common passwords that open account access. It is all too easy to build a crawler that will automatically attempt standard and default passwords (like 1234, etc.) in every password field it finds, until it gets one right. Create policies that require complex passwords on all accounts, including desk phones and voicemail accounts, and require that passwords are changed regularly. 3. IP authentication Authenticating account access based on IP address is an excellent way to deflect unwanted intruders. Lock down access by assigning a static IP address to each user, or user group, and establish a strict whitelist of approved addresses allowed network entry. Alternatively (if mobile users need to login from a dynamic IP address), build a blacklist of IP addresses known to exhibit threatening behavior (or see step 4v). Lists can be found online, and/or third party or custom built tools can be employed to monitor log files and automatically block IP addresses that have failed a preset number of password attempts. 4. Only permit trusted SIP providers A PBX is a potential entry point for security threats that needs to be locked down. Set firewalls to only permit trusted SIP connections by adding them to an IP whitelist so that intruders will be unable to connect to unauthorized accounts. 4

5. Understand your signaling and media Research providers and how they handle call transmission, decide which criteria are most important for you. If you want end-to-end encryption, SIPS plus SRTP is the the most secure, especially when the call won t touch the PSTN. It s good practice to secure the transmission path as much as you can when sending calls over the (always unencrypted) PSTN. By using a provider that sends signaling and media to the PSTN in two streams of disassociated information when making outbound calls, voice data can be obscured from identification. That way, if criminals intercept signaling at the provider level, all they ll have is numbers and IDs, not the audio. 6. Establish secure connections Business networks are being accessed from more and more locations as employees, and their work habits, become increasingly mobile. For fixed remote extensions such as home and satellite offices, you can gain control over the connection by setting up Virtual Private Networks rather than broadcasting connection credentials over the public Internet. If a dedicated connection is infeasible, use a non-standard SIP port (i.e. not 5060 or 5061) to disguise the transmission and access point. When employees access your organization s internal network from less established locations such as a public Wi-Fi connection (e.g., in a coffee shop), anyone watching the network can see and capture credentials sent via clear text. Because employees on the move demand nimble connections, establish secure connection protocols like SSL for all access to any point in your network from anywhere. 5

SIP trunking is as safe as you make it. The average cost of a toll fraud attack on a VoIP phone system in 2014 is roughly $36,000*. More often than not, the horror stories told about VoIP vulnerabilities stem from improperly secured networks. There are so many pros that it s hard to find an argument against connecting telecommunications through a strong SIP provider. Securing your network against intruders secures every component of your network, including Internet phone lines. For more information on telephone security and other industry insights and updates, subscribe at blog.flowroute.com. As the world s first pure SIP carrier, Flowroute delivers advanced SIP trunking that answers the needs of communications developers, SaaS service providers, and high-tech enterprises. Flowroute s unique technology and network services provide communications experts unparalleled performance, transparency and control of the voice communications that power their businesses. For more information about why we re the experts SIP trunking choice: www.flowroute.com blog.flowroute.com 1-855-FLOW-ROUTE (356-9768) hello@flowroute.com *http://it.toolbox.com/blogs/voip-news/voip-security-what-could-possibly-go-wrong-61802 Copyright 2015 Flowroute Inc. All rights reserved. FLOWROUTE and the swirl design logo are trademarks of Flowroute Inc. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information