News & Updates

Home/Latest News/VoIP Security: Use a layered approach to ensure it
  • VoIP Security has to be layered

VoIP Security: Use a layered approach to ensure it

Nowadays the Private Security Industry in South Africa is thriving. Homeowners and Businesses alike are signing up for sophisticated systems to protect their assets.  Most people are taking a layered approach to their security, such as electric fences, CCTV solutions and armed response. Similarly to the Security Industry, the deployment of VoIP solutions has also greatly increased. Unfortunately, some of the key factors that make VoIP so attractive have also become it’s Achilles heel. VoIP allows for flexibility and accessibility and as such can expose it to misuse by criminal elements.  It is for this reason that it has become increasingly important to consider VoIP security to prevent financial losses.

Imagine you are at a restaurant; a stranger walks up to your table, grabs your mobile phone and starts making calls all over the world. After a few minutes, they put your phone back down on the table and walk away. Not only has a complete stranger depleted your airtime; you’ll also have to pay for the calls that they have made. This scenario might seem exaggerated as it’s highly unlikely anyone would just sit back and let this happen. However, in reality with VoIP and other related Internet-based services, it’s a common occurrence. As much as we are security conscious in other aspects of our lives, VoIP and network security it’s often overlooked. The consequence of this oversight could have serious financial implications.

A Layered approach to VoIP Security is Essential

Just like you treat your home or business’s physical security VoIP security needs a layered approach.  Here are a few suggestions we would recommend implementing to assist in mitigating against a VoIP security breach:

  • Securing your network and restrict access to the LAN (network) from the internet. This involves strict Firewall rules which will deny unauthorised traffic from entering your network. Furthermore, ensure that the destination NAT (dstnat)  is very strict. Also, ensure that common ports are not used if you have remote access to your VoIP devices.
  • Services such as API, FTP, ssh, telnet, HTTP and winbox should be customised not to be accessible via their traditional ports. If not in use disable them. In addition, it’s advisable not to use traditional ports like 80, 22, 23 and so forth. These ports are easily identifiable and have well-known usernames and passwords.
  • We would strongly advise that you read the following forums if you run MikroTik within your network: Forum 1, Forum 2 and Forum 3. Most importantly, ensure that you are running the latest MikroTik firmware, older versions have a number of vulnerabilities.
  • Disable SIP ALG on your router or modem. This setting not only affects SIP signalling which can cause issues such as one-way voice. It also makes a VoIP device easily identifiable from the internet. If a VoIP device responds to a port scan it makes it easier to identify on the internet. This is how perpetrators can identify the type of device on-site and how easy they can compromise it.

Ensure that your PBX is secure if you don’t have a Switch Telecom Hosted Switchboard

  • First and foremost, change all default login passwords on your PBX and handsets. If your network is being breached, a customised login password will prevent or delay access to the PBX
  • Customise the inbuilt Firewall of your PBX if possible.
  • Make sure that you are aware of any vulnerabilities your onsite PBX might have. As an example:
  • If you do not need remote extensions, ensure that the PBX does not allow remote extension registration. It is also possible to grant certain network access to the PBX to prevent unauthorised access from unwanted networks.
  • Customise outbound rules. If your PBX allows for it then implement pin dialling.
  • If possible disable IP Calling on your handsets. This will prevent the phone from responding to port scans which will ensure that the devices are not accessible on the internet.
  • And lastly, change the Local SIP Port to any random port. Changing the local SIP port from the traditional 5060-5063 ports makes the phone inaccessible to port scans.

Your VoIP Provider should offer innovative security measures to help protect against Security Breaches

A specialist VoIP provider will set up credit limits on client accounts. They should also properly maintain security patches. Most importantly, the VoIP provider should speedily identify and combat any untoward activity. Switch Telecom has developed and implemented an Auto-Provisioning system for phone setup. Apart from saving time and minimising onsite support, the system secures phones through the implementation of various security settings. The auto-provisioning system is able to provision most Yealink and Grandstream phone models.
Further to Auto-Provisioning, Switch Telecom offers various other innovative ways to ensure the security of your VoIP Solution. Call barring options, IP access control lists, custom outbound rules (only on the Switch Telecom Hosted Switchboard), tight credit management, authorised account contacts are just some of the ways we layer the security of our solutions.

VoIP Security is a Team Effort

Even though Switch Telecom continues to make advances in ensuring VoIP security on all its solutions, a layered approach is essential. And it’s for this reason that all stakeholders should ensure the security of their devices and networks in order to safeguard against security breaches.

Our team of experts are always on hand to assist with advice when it comes to your VoIP security. Feel free to Contact us to discuss.

Jul 5th, 2019|Latest News|

Share This Story, Choose Your Platform!

  • Switch Telecom Facebook
  • Switch Telecom Linkedin

News and updates

Our VoIP Softphone is Now Available

Switch Telecom has launched its very own browser-based VoIP Softphone. It's compatible with most internet browsers. It was specifically designed for desktop use but can also be used on a mobile phone. The solution is free of charge for all Switch Telecom Hosted Switchboard clients. The VoIP Softphone Features When using the Softphone a user can make and receive calls via the easy-to-use interface. They can put callers on hold and they can also do attended and unattended transfers. Users [...]

Aug 30th, 2021|Categories: Latest News|

Is an Onsite FreePBX really Free?

When changing to a VoIP communication solution, companies often consider an onsite PBX. The FreePBX is one of the most popular onsite PBX solutions available. For some companies, the FreePBX seems to tick all the boxes. But are there downfalls? Despite all the bells and whistles, what challenges exist for such implementations? Most companies will adopt the use of the FreePBX because of its open-source license, which is free to obtain and use. There is much appeal as the FreePBX [...]

Aug 12th, 2021|Categories: Latest News|

Your VoIP Solution and the END of 2020

Your VoIP solution is going to save you a lot of money during the festive season. Using your VoIP solution to contact friends and family. Calling internationally can be cheaper than calling them on a local mobile number. (This obviously depends on the destination you’re calling). There are also numerous ways to stay connected to your clients without being tied to an office desk. This means you can relax and unwind with the knowledge that your customers can still get [...]

Dec 7th, 2020|Categories: Latest News|

Primary Rate ISDN Discontinuing; Reach for a VoIP Solution

With the news of the discontinuation of Telkom's Primary Rate ISDN services, a lot of businesses are having to consider alternative options to ensure the continuation of their telephony services. Let's face it, communication has become an essential lifeline of any business. Bigger businesses have previously used PRI or Primary Rate ISDN services linked to an onsite switchboard. Telkom will no longer offer or support this service as of the 31st December 2020. So now is the time to change. [...]

Oct 29th, 2020|Categories: Latest News|

4 Reasons to Switch to a Cloud Based Switchboard (PBX) 

This article was written by Strategic Online Marketing Services As a digital marketing agency, we receive multiple calls daily, which is one of the reasons we look to future proof our business telecoms with a cloud based PBX. Buying and maintaining a traditional switchboard or PBX service is an expensive exercise, and these costs can increase significantly when you include the wiring, equipment, proprietary phones and installation fees. With a cloud based PBX, all you need is a reliable internet [...]

Sep 4th, 2020|Categories: Latest News|

Lockdown and beyond – Unleash the power of your Switch Solution

It’s been 27 days since the government announced the lockdown of our country. The lockdown has had a massive impact on the way we communicate as individuals and, for those that can; the way we conduct business. As we all come to terms with the COVID-19 outbreak, we’d like to take this opportunity to share the steps that we have taken to ensure that we continue to offer the levels of service that you expect from Switch Telecom: Our primary [...]

Apr 22nd, 2020|Categories: Latest News|

Need a VoIP Partner? Reseller vs. Wholesaler

Do you need a VoIP partner because you are thinking of starting to offer VoIP services to your existing client base? Or are you tired of working with an unreliable VoIP partner? Becoming a VoIP Reseller or VoIP Wholesaler is an exciting step for any business. Changing your current partner might seem less exciting. Choosing the right company in both instances can be daunting. Anecdotal evidence suggests that more and more South Africans are marrying later in life.  Being far [...]

Mar 6th, 2020|Categories: Latest News|

Grandstream now stocked by Switch Telecom

Grandstream’s advanced line of IP phones, voice conferencing solutions, and analogue telephone adapters (ATAs) will now be available to purchase from Switch Telecom. Switch Telecom's clients and resellers will now have access to the latest technologically advanced IP Telephony powered by Grandstream. Take advantage of our special launch prices on a number of the Grandstream cordless and desktop phones. You can also choose from a range of Reception and Executive desktop phones for your business. Most importantly, all IP devices [...]

Feb 19th, 2020|Categories: Latest News|
Go to Top