News & Updates

Home/Latest News/VoIP Security: Use a layered approach to ensure it
  • VoIP Security has to be layered

VoIP Security: Use a layered approach to ensure it

Nowadays the Private Security Industry in South Africa is thriving. Homeowners and Businesses alike are signing up for sophisticated systems to protect their assets.  Most people are taking a layered approach to their security, such as electric fences, CCTV solutions and armed response. Similarly to the Security Industry, the deployment of VoIP solutions has also greatly increased. Unfortunately, some of the key factors that make VoIP so attractive have also become it’s Achilles heel. VoIP allows for flexibility and accessibility and as such can expose it to misuse by criminal elements.  It is for this reason that it has become increasingly important to consider VoIP security to prevent financial losses.

Imagine you are at a restaurant; a stranger walks up to your table, grabs your mobile phone and starts making calls all over the world. After a few minutes, they put your phone back down on the table and walk away. Not only has a complete stranger depleted your airtime; you’ll also have to pay for the calls that they have made. This scenario might seem exaggerated as it’s highly unlikely anyone would just sit back and let this happen. However, in reality with VoIP and other related Internet-based services, it’s a common occurrence. As much as we are security conscious in other aspects of our lives, VoIP and network security it’s often overlooked. The consequence of this oversight could have serious financial implications.

A Layered approach to VoIP Security is Essential

Just like you treat your home or business’s physical security VoIP security needs a layered approach.  Here are a few suggestions we would recommend implementing to assist in mitigating against a VoIP security breach:

  • Securing your network and restrict access to the LAN (network) from the internet. This involves strict Firewall rules which will deny unauthorised traffic from entering your network. Furthermore, ensure that the destination NAT (dstnat)  is very strict. Also, ensure that common ports are not used if you have remote access to your VoIP devices.
  • Services such as API, FTP, ssh, telnet, HTTP and winbox should be customised not to be accessible via their traditional ports. If not in use disable them. In addition, it’s advisable not to use traditional ports like 80, 22, 23 and so forth. These ports are easily identifiable and have well-known usernames and passwords.
  • We would strongly advise that you read the following forums if you run MikroTik within your network: Forum 1, Forum 2 and Forum 3. Most importantly, ensure that you are running the latest MikroTik firmware, older versions have a number of vulnerabilities.
  • Disable SIP ALG on your router or modem. This setting not only affects SIP signalling which can cause issues such as one-way voice. It also makes a VoIP device easily identifiable from the internet. If a VoIP device responds to a port scan it makes it easier to identify on the internet. This is how perpetrators can identify the type of device on-site and how easy they can compromise it.

Ensure that your PBX is secure if you don’t have a Switch Telecom Hosted Switchboard

  • First and foremost, change all default login passwords on your PBX and handsets. If your network is being breached, a customised login password will prevent or delay access to the PBX
  • Customise the inbuilt Firewall of your PBX if possible.
  • Make sure that you are aware of any vulnerabilities your onsite PBX might have. As an example: https://wiki.freepbx.org/display/FOP/2019-11-20+Remote+Admin+Authentication+Bypass.
  • If you do not need remote extensions, ensure that the PBX does not allow remote extension registration. It is also possible to grant certain network access to the PBX to prevent unauthorised access from unwanted networks.
  • Customise outbound rules. If your PBX allows for it then implement pin dialling.
  • If possible disable IP Calling on your handsets. This will prevent the phone from responding to port scans which will ensure that the devices are not accessible on the internet.
  • And lastly, change the Local SIP Port to any random port. Changing the local SIP port from the traditional 5060-5063 ports makes the phone inaccessible to port scans.

Your VoIP Provider should offer innovative security measures to help protect against Security Breaches

A specialist VoIP provider will set up credit limits on client accounts. They should also properly maintain security patches. Most importantly, the VoIP provider should speedily identify and combat any untoward activity. Switch Telecom has developed and implemented an Auto-Provisioning system for phone setup. Apart from saving time and minimising onsite support, the system secures phones through the implementation of various security settings. The auto-provisioning system is able to provision most Yealink and Grandstream phone models.
Further to Auto-Provisioning, Switch Telecom offers various other innovative ways to ensure the security of your VoIP Solution. Call barring options, IP access control lists, custom outbound rules (only on the Switch Telecom Hosted Switchboard), tight credit management, authorised account contacts are just some of the ways we layer the security of our solutions.

VoIP Security is a Team Effort

Even though Switch Telecom continues to make advances in ensuring VoIP security on all its solutions, a layered approach is essential. And it’s for this reason that all stakeholders should ensure the security of their devices and networks in order to safeguard against security breaches.

Our team of experts are always on hand to assist with advice when it comes to your VoIP security. Feel free to Contact us to discuss.

Jul 5th, 2019|Latest News|

Share This Story, Choose Your Platform!

  • Switch Telecom Facebook
  • Switch Telecom Linkedin

News and updates

Porting of Non-Geographic Numbers

Porting of non-geographic numbers is finally a reality. In a General Notice issued by ICASA on the 15th of December 2021, the Chairperson, Dr Keabetswe Modimoeng, announced that the Number Portability Regulations in Government Gazette No. 41949 dated 01 October 2018 will come into effect on 07 March 2022. Mobile and geographic number portability have had a major impact on the consumer. And now, porting of non-geographic numbers will further positively impact the market. Consumers and businesses will now be [...]

Jan 13th, 2022|Categories: Latest News|

Your VoIP Service and the Festive Season

Your VoIP service is going to save you a lot of money during the festive season. Using your VoIP service to contact friends and family. Calling internationally can be cheaper than calling them on a local mobile number. (This obviously depends on the destination you’re calling). There are also numerous ways to stay connected to your customers without being tied to an office desk. This means you can relax and unwind with the knowledge that your customers can still get [...]

Dec 3rd, 2021|Categories: Latest News|

VoIP Rollout: SEESA, Intelys and Switch

Background Our Client: SEESA (PTY) LTD offers a wide range of consulting services which include Skills Development, BEE Consulting, Labour Law and outsourced HR functions to over 36000 clients nationwide, across multiple industries. SEESA conducts a large portion of their business telephonically and is exceedingly reliant on their communication system. They have a staff complement of over 900 people based in 19 different branches across South Africa. Our Partner: Intelys Technology Africa is a Networking and Security Specialist, offering full-spectrum [...]

Nov 18th, 2021|Categories: Latest News|

Telephony deployment simplified with Switch Telecom’s Auto-provisioning system

The demand for cloud telephony services is at an all-time high. VoIP services and Hosted PBX solutions are becoming increasingly popular with small and large enterprises. There is a much lower barrier to entry in comparison to traditional PBX and telephony solutions. VoIP rollouts are usually easier and turnaround times are usually much quicker. Being in the cloud affords hosted PBX telephony solutions the flexibility that a physical telephony solution can't.  Adding and removing extensions is quick and easy. Routine [...]

Oct 6th, 2021|Categories: Latest News|

Our VoIP Softphone is Now Available

Switch Telecom has launched its very own browser-based VoIP Softphone. It's compatible with most internet browsers. It was specifically designed for desktop use but can also be used on a mobile phone. The solution is free of charge for all Switch Telecom Hosted Switchboard clients. The VoIP Softphone Features When using the Softphone a user can make and receive calls via the easy-to-use interface. They can put callers on hold and they can also do attended and unattended transfers. Users [...]

Aug 30th, 2021|Categories: Latest News|

Is an Onsite FreePBX really Free?

When changing to a VoIP communication solution, companies often consider an onsite PBX. The FreePBX is one of the most popular onsite PBX solutions available. For some companies, the FreePBX seems to tick all the boxes. But are there downfalls? Despite all the bells and whistles, what challenges exist for such implementations? Most companies will adopt the use of the FreePBX because of its open-source license, which is free to obtain and use. There is much appeal as the FreePBX [...]

Aug 12th, 2021|Categories: Latest News|

Your VoIP Solution and the END of 2020

Your VoIP solution is going to save you a lot of money during the festive season. Using your VoIP solution to contact friends and family. Calling internationally can be cheaper than calling them on a local mobile number. (This obviously depends on the destination you’re calling). There are also numerous ways to stay connected to your clients without being tied to an office desk. This means you can relax and unwind with the knowledge that your customers can still get [...]

Dec 7th, 2020|Categories: Latest News|

Primary Rate ISDN Discontinuing; Reach for a VoIP Solution

With the news of the discontinuation of Telkom's Primary Rate ISDN services, a lot of businesses are having to consider alternative options to ensure the continuation of their telephony services. Let's face it, communication has become an essential lifeline of any business. Bigger businesses have previously used PRI or Primary Rate ISDN services linked to an onsite switchboard. Telkom will no longer offer or support this service as of the 31st December 2020. So now is the time to change. [...]

Oct 29th, 2020|Categories: Latest News|

4 Reasons to Switch to a Cloud Based Switchboard (PBX) 

This article was written by Strategic Online Marketing Services As a digital marketing agency, we receive multiple calls daily, which is one of the reasons we look to future proof our business telecoms with a cloud based PBX. Buying and maintaining a traditional switchboard or PBX service is an expensive exercise, and these costs can increase significantly when you include the wiring, equipment, proprietary phones and installation fees. With a cloud based PBX, all you need is a reliable internet [...]

Sep 4th, 2020|Categories: Latest News|
Go to Top