In many respects, hosted VoIP service can rightfully be considered safer than that of the on-premise variety, for the simple fact that proper vigilance of a VoIP system requires continuous monitoring which an outsourced vendor should ideally have the resources, equipment and personnel to do. The crux of this premise, however, lies in determining that such a service provider is adequately prepared (and willing to indicate so) to deal with the myriad threats which hosted VoIP is vulnerable to. Additionally, there are other security measures users of hosted VoIP can employ to assist in ensuring the safety of their networks.
As the procuring and employment of security sufficient to effectively monitor VoIP service from external and internal threats can be expensive, it is frequently to the user’s advantage to simply pay for this service as part of its monthly fee for utilizing hosted VoIP. However, it then becomes prudent to determine that the vendor selected has the tools and the wherewithal to adequately protect the interests of its customers from security violations.
Hosted providers should have tools such as firewalls with added functionality specific to VoIP, as well as sophisticated intrusion-prevention systems that can be configured for VoIP threats. Additionally, Virtual private networks can allow voice traffic to be encrypted and transmitted over secure pathways. It may be useful to have vendors share an audit trail from an independent auditor to prove the security of their systems.
Such service provider methods of security can also be augmented by a number of methods that end-users can utilize. Anti-virus software can always be purchased and implemented by hosted VoIP users, while a particularly effective method of supplementing vendor security measures is to separate voice and data traffic into their own LANs. By utilizing virtual networks to transmit the information from the single physical network into respective ones for data and voice traffic, users can hone in on voice data more effectively to monitor specific activities that may pose threats.
Nature of the Threat
While the prudent application of security measures by both hosted VoIP vendors and their users greatly decreases the likelihood of security breaches, it should be understood that hosted VoIP faces many of the same sorts of malicious intrusions that on-premise VoIP does. Common threats include systemically distributed denial of service attacks (in which service is inaccessible), as well as hackers tapping calls, accessing other network components, and making free calls on the user’s service.