Prevent phone-fraud – secure your customers’ IP phone networks today

Securing a customer’s IP phone network protects both the reputation and financial state of their business.

Money talks

Phone fraud is a big business. A single breach of an IP phone network can cost your customers thousands of pounds in the span of a few hours. The fraud is executed by hackers who breach weak or non-existent security on an IP phone network. The hacker then uses a corporate PBX to place multiple toll calls. As these calls are placed from a corporate PBX, the provider charges the business that owns the PBX for the calls that were made. In almost all cases, the business is legally obliged to pay for those calls. The problem of phone fraud is no longer something that businesses can afford to ignore.

 

The Ultimate Checklist: Have you got the right tools in place to meet your customers changing telecoms needs?

Download the eGuide

The Ultimate Checklist

Help your customers enhance their infrastructure

Download the eGuide
Cloud partner

Practice makes perfect

The first big step towards securing your customers’ IP phone networks is starting to treat your SIP network traffic the same as you would any other network service. Every business has best practices and policies that govern general network access, email, web surfing and mobile devices. Make sure your customers have the same in place for their SIP services.

Separation anxiety

Before businesses moved from analogue phones to IP phone networks, chances are that employees could not access anything relating to their phones from the corporate computer network. Why should they be able to access the phone network now simply because its underlying protocol has changed? The best possible configuration is to have physically separate phone and data networks. If this isn’t realistic, VLANs can separate traffic. No data should be able to traverse between the two networks without passing through a network security device.

Self-aware

Standard network firewalls are no longer adequate to handle the security of voice traffic. At the very least, network security devices should be SIP-aware. Ideally, a Session Border Controller (SBC) should be used to secure and control access to SIP services. In addition to providing security for SIP services, an SBC can also allow for interoperability with other communications services and often improves performance.

The path less travelled

Traffic that doesn’t have to pass across the public internet is better protected than traffic that does. If your SIP trunk provider offers connectivity services in addition to their voice services, it may be possible for SIP traffic to be routed over a private network from the IP phone network all the way to the provider’s SIP servers. This traffic cannot be intercepted or misdirected by someone with malicious intent.

Sharing is caring

Select a provider who cares about SIP trunk security as much as you do. Many providers have services that will limit exposure to fraudulent activities. These services include:

› Geographical limiting, blocking calls to countries that you specify
› Call type limiting, blocking calls to toll or pay-per-use number ranges
› Volume limiting, blocking all calls if a certain threshold of calling minutes is reached in a given timeframe

Selecting a provider who is willing to share the burden of SIP trunk security with you ensures that your clients’ financial exposure is minimal even if a breach does occur.

An ounce of prevention

Ignoring the security of IP phone networks is likely to be a costly mistake. Spending some time now to protect your customers’ voice networks can provide them with better uptime and higher call quality. Most importantly, it will provide you with greater customer satisfaction.

Categories

25 July 2014 | Justin Coombes

Categories

The views in this article are the personal views of the author and are not necessarily endorsed by Gamma.