News & Updates

//VoIP Security: Use a layered approach to ensure it
  • VoIP Security has to be layered

VoIP Security: Use a layered approach to ensure it

Nowadays the Private Security Industry in South Africa is thriving. Homeowners and Businesses alike are signing up for sophisticated systems to protect their assets.  Most people are taking a layered approach to their security, such as electric fences, CCTV solutions and armed response. Similarly to the Security Industry, the deployment of VoIP solutions has also greatly increased. Unfortunately, some of the key factors that make VoIP so attractive have also become it’s Achilles heel. VoIP allows for flexibility and accessibility and as such can expose it to misuse by criminal elements.  It is for this reason that it has become increasingly important to consider VoIP security to prevent financial losses.

Imagine you are at a restaurant; a stranger walks up to your table, grabs your mobile phone and starts making calls all over the world. After a few minutes, they put your phone back down on the table and walk away. Not only has a complete stranger depleted your airtime; you’ll also have to pay for the calls that they have made. This scenario might seem exaggerated as it’s highly unlikely anyone would just sit back and let this happen. However, in reality with VoIP and other related Internet-based services, it’s a common occurrence. As much as we are security conscious in other aspects of our lives, VoIP and network security it’s often overlooked. The consequence of this oversight could have serious financial implications.

A Layered approach to VoIP Security is Essential

Just like you treat your home or business’s physical security VoIP security needs a layered approach.  Here are a few suggestions we would recommend implementing to assist in mitigating against a VoIP security breach:

  • Securing your network and restrict access to the LAN (network) from the internet. This involves strict Firewall rules which will deny unauthorised traffic from entering your network. Furthermore, ensure that the destination NAT (dstnat)  is very strict. Also, ensure that common ports are not used if you have remote access to your VoIP devices.
  • Services such as API, FTP, ssh, telnet, HTTP and winbox should be customised not to be accessible via their traditional ports. If not in use disable them. In addition, it’s advisable not to use traditional ports like 80, 22, 23 and so forth. These ports are easily identifiable and have well-known usernames and passwords.
  • We would strongly advise that you read the following forums if you run MikroTik within your network: Forum 1, Forum 2 and Forum 3. Most importantly, ensure that you are running the latest MikroTik firmware, older versions have a number of vulnerabilities.
  • Disable SIP ALG on your router or modem. This setting not only affects SIP signalling which can cause issues such as one-way voice. It also makes a VoIP device easily identifiable from the internet. If a VoIP device responds to a port scan it makes it easier to identify on the internet. This is how perpetrators can identify the type of device on-site and how easy they can compromise it.

Ensure that your PBX is secure if you don’t have a Switch Telecom Hosted Switchboard

  • First and foremost, change all default login passwords on your PBX and handsets. If your network is being breached, a customised login password will prevent or delay access to the PBX
  • Customise the inbuilt Firewall of your PBX if possible.
  • If you do not need remote extensions, ensure that the PBX does not allow remote extension registration. It is also possible to grant certain network access to the PBX to prevent unauthorised access from unwanted networks.
  • Customise outbound rules. If your PBX allows for it then implement pin dialling.
  • If possible disable IP Calling on your handsets. This will prevent the phone from responding to port scans which will ensure that the devices are not accessible on the internet.
  • And lastly, change the Local SIP Port to any random port. Changing the local SIP port from the traditional 5060-5063 ports makes the phone inaccessible to port scans.

Your VoIP Provider should offer innovative security measures to help protect against Security Breaches

A specialist VoIP provider will set up credit limits on client accounts. They should also properly maintain security patches. Most importantly, the VoIP provider should speedily identify and combat any untoward activity. Switch Telecom has developed and implemented an Auto-Provisioning system for phone setup. Apart from saving time and minimising onsite support, the system secures phones through the implementation of various security settings. The auto-provisioning system is able to provision most Yealink and Grandstream phone models.
Further to Auto-Provisioning, Switch Telecom offers various other innovative ways to ensure the security of your VoIP Solution. Call barring options, IP access control lists, custom outbound rules (only on the Switch Telecom Hosted Switchboard), tight credit management, authorised account contacts are just some of the ways we layer the security of our solutions.

VoIP Security is a Team Effort

Even though Switch Telecom continues to make advances in ensuring VoIP security on all its solutions, a layered approach is essential. And it’s for this reason that all stakeholders should ensure the security of their devices and networks in order to safeguard against security breaches.

Our team of experts are always on hand to assist with advice when it comes to your VoIP security. Feel free to Contact us to discuss.

July 5th, 2019|Latest News|

Share This Story, Choose Your Platform!

  • Switch Telecom Facebook
  • Switch Telecom Linkedin

News and updates

VoIP Applications – Getting it Right the First Time

Nail guns have replaced hammers overtime in the construction industry. They are powerful, easy to operate and boost productivity for nailing tasks. However, nail guns are a leading cause of injury among residential ‘carpenters’. They are responsible for an estimated 37,000 emergency room visits each year in the United States alone. Puncture wounds to the hands and fingers are most common. More serious injuries, such as a nail to the head, leg and thigh often occur. The Industrial and Construction [...]

April 25th, 2019|Categories: Latest News|

VoIP Service Providers South Africa

The emergence of digital technologies such as Voice over Internet Protocol (VoIP) has seen a decline in the utilisation of analogue technologies. This decline has also led to VoIP service providers in South Africa discovering innovative ways to scale and reduce costs. Most VoIP service providers in South Africa offer products and services which enhance productivity and efficiencies in the home and workplace. VoIP technology runs over IP and offers businesses the benefit of high-functionality and low-cost. VoIP also enables [...]

March 13th, 2019|Categories: Latest News|

Loadshedding and your VoIP Solution

It seems that load shedding isn’t going away any time soon.  So, what do you do when the power is out and you still need to make and receive calls? When electricity is load shed, many communication methods, such as the internet, computers, and telephones are left without power. Even though load shedding is taking place throughout South Africa your clients, friends and family might be on a different schedule. This means that you could be missing their calls. This [...]

February 14th, 2019|Categories: Latest News|

Win with Switch Telecom

Win with Switch Telecom... would you like to win a Cordless Handset Bundle? It's easy, simply Like and Share our page on Facebook. Access our Facebook page here: Switch Telecom Facebook Terms and Conditions apply. Competition ends on the 1st of October 2018. Competition applies to South African residents only. The winner will be announced on the 5th of October 2018 on Facebook. Contact us for more information.

September 5th, 2018|Categories: Latest News|

Interview with TechCentral: Switch Telecom slams ICASA

Communications regulator Icasa has not thought through its proposed new call termination rate regulations. If they’re implemented without significant changes, they will harm the industry and lead to higher prices for consumers. That’s the view of Switch Telecom CEO Greg Massel, who spoke to TechCentral in a podcast interview on Monday (listen to the discussion below). “The single biggest issue is that, either intentionally or unintentionally, they seem to steal from the poor and give to the rich,” he said. [...]

August 27th, 2018|Categories: Latest News|

Telephony deployment simplified with Switch Telecom’s Auto-provisioning system

The demand for cloud telephony services is at an all-time high. VoIP services and Hosted PBX solutions are becoming increasingly popular with small and large enterprises. There is a much lower barrier to entry in comparison to traditional PBX and telephony solutions. VoIP rollouts are usually easier and turnaround times are usually much quicker. Being in the cloud affords hosted PBX telephony solutions the flexibility that a physical telephony solution can't.  Adding and removing extensions is quick and easy. Routine [...]

June 6th, 2018|Categories: Latest News|

A few ways to work smarter with your Switchboard/PBX

According to Statistics SA, the South African economy grew by 1.3% in 2017. It seems businesses across various industries are struggling in the current economy. Running a business can be expensive.  We know many businesses are facing a hard time. There are many rabbit holes where money can disappear into, this is especially true when it comes to your PBX. A Switchboard or Private Branch Exchange (PBX) service should enhance your business but can easily suck up money if not [...]

March 12th, 2018|Categories: Latest News|

Will free higher education solve the skills shortage?

On 16 December 2017, President Zuma announced that the government would subsidise free higher education for poor and working-class students. President Zuma said, “Having amended the definition of poor and working-class students. The government will now introduce fully subsidised free higher education and training for poor and working-class South African undergraduate students. Starting in 2018 with students in their first year of study at our public universities." According to the President, poor and working-class students are “students currently enrolled at [...]

January 12th, 2018|Categories: Latest News|

Number Portability Draft Regulations: A Game Changer

On 24 November 2017, ICASA (the Independent Communications Authority of South Africa) released new draft regulations on Number Portability. These proposed regulations aim to achieve effective and efficient functionality when porting numbers from one provider to the next; effective access and routing of communication regardless of the number being ported, and the licensees having to address cost allocation and cost recovery when porting numbers. Number Portability is the transfer of geographic numbers, non-geographic numbers (with prefixes 086, 080 and 087) [...]

December 11th, 2017|Categories: Latest News|