To give you the best experience, this site uses cookies. By continuing to use our site, you agree to our use of cookies. To learn more, please read our privacy policy.
To give you the best experience, this site uses cookies. By continuing to use our site, you agree to our use of cookies. To learn more, please read our privacy policy.

The VoIP Report

Creating a Layered Approach to Cybersecurity
May 15th, 2017

Creating a Layered Approach to Cybersecurity

Ian Linton

It's not longer enough to have a static cybersecurity approach. Instead, businesses are moving to a layered approach to cybersecurity. Find out why.

If you operate a communications solution like VoIP or Unified Communications (UC), you need an effective security solution to protect your networks, your data, and your business. VoIP and UC are Internet-based solutions and therefore face threats from hackers and cyber criminals.

Individual point security measures offer a degree of protection. However, the latest SIP trunking services offer a multi-layered level of protection to significantly reduce the risk of attacks. SIP trunking connects your internal phone system to service providers and the public telephone network.

So how can you create a layered approach to cybersecurity? Keep reading to find out.

Impact of cyber attacks

If cyber attacks are successful, any loss of confidential personal or private data can have serious financial consequences. If your business is subject to regulatory compliance, any security breaches could leave you facing penalties and loss of customer confidence.

Attacks on the network can lead to productivity losses, damage customer service and disrupt the business.

Types of security threats

Communications networks face two types of threat – threats to the media payload and threats to signaling protocols.

Media payload threats – Hackers can intercept or eavesdrop on your calls. Private, company or client information is then at risk. This can damage your business and you could face penalties for non-compliance.

Signaling protocol threats – If criminals attack your network’s signaling protocols, you could face service or business disruption, and loss of revenue. There are three types of threat:

  • Telephone Denial of Service (TDoS). Attackers repeatedly call your phone numbers using automated calling machines. The result is that all numbers are engaged and your business would have no incoming or outgoing call service.
  • Toll fraud. Hackers access your phone system and make repeated calls to long distance and international destinations. You’ll face a very large, unexpected bill.
  • Caller ID theft. Criminals can steal identities and pose as someone else. They can then steal confidential information, which can lead to financial loss and penalties for non-compliance.

Securing your business

These threats are serious. But, by using SIP trunking and other security measures, you can create multi-layered protection for your business. You should develop stringent security policies based on best practice and monitor your networks regularly to detect unusual activities.

SIP trunks incorporate two separate forms of encryption:

  • Transport Layer Security (TLS) protects signaling protocols and prevents hackers from capturing names and telephone numbers.
  • Secure Real-Time Transport Protocol (SRTP) protects audio and video traffic.

Security experts now recommend SIP trunking that integrates TLS and. TLS provides encryption between your site and your service provider. SRTP provides media encryption throughout the SIP service provider’s network. Integrating them optimizes both signaling and media protection.

You can improve security further by choosing suitable access equipment at your site. Routers and firewalls are low-cost security solutions suitable for smaller businesses.

If you have high data volumes or VoIP solutions that require traffic prioritization and Quality of Service, Session Border Controllers provide a more effective solution. They support integrated TLS/SRTP encryption and don’t require dedicated hardware to enable encryption.


Related Articles