Security

Protecting Your Voice: A Security Checklist for Your Current Phone Provider (Part 2 of 3)

Keeping up with the rapidly increasing risks of cyber crime is no easy task. Just when you are confident that you are safeguarded from the latest threats, criminals find a new way to exploit your network. This type of violation is nearly impossible to trace.

Your business phone system is a major gateway for toll-fraud and phone hacking. Last year, phone hacking alone cost businesses over 4 billion dollars worldwide. Your business could be among this year’s statistics if your system is inadequately protected. If you are unsure of the security of your system, it is time to talk to your provider. In part one of this series, we learned effective ways to assess the risks for your current phone system. We will now delve into an encompassing checklist to present to your phone provider. This will not only answer your questions and quell your concerns, it can give you a comprehensive picture of exactly who this company is and where their priorities lie.

The Truth Is, Most Large Phone Companies Just Don’t Care

VoIP Phone Security.

Large national phone companies simply do not prioritize the implementation of new security measures. It all boils down to money. The titans of digital voice are unwilling to release millions of dollars for infrastructure upgrades. They get away with this by trusting that you are exclusively using your phone to carry out simple voice calls so key safeguards would only be superfluous.

However, VoIP phones can do much more than make calls. Their multifunctional benefits should be tapped into without jeopardizing security. Below is a checklist of major questions to pose to your current phone provider so you can be sure that you’re receiving the most secure and strategic service:

Security Checklist:

What kind of phone system do you have with your provider?

Do you have an analog, On-Premise PBX or Cloud PBX system?

Does your provider take care of securing this system?

Is your provider responsible for outlining security protocols for you to follow that will keep you safe? Or, is does this responsibility fall on you and your IT staff?

Do they notify you when there are firmware updates for your phones?

Has your provider gone over (or even supplied you with) instructions on how to keep your devices updated? Perhaps you have been left in the dark when it comes to imperative updates. Without these patches, your system is left vulnerable to crafty new forms of intrusion.

Do they provide Secure SIP, SRTP or IP Authentication to encrypt your calls?

Encryption is as essential for voice as it is for email. Whenever you transmit sensitive information from one party to another, it must be encoded by enterprise level encryption. Your business should have the proper layers of security in place to ensure that your customers’ personal information is never exposed.

Do they monitor the infrastructure?

How adept are they at detecting unwanted or abnormal traffic to your phone system? Different businesses have different needs when it comes to monitoring, but this service is an undeniable inevitability. A good provider will keep a careful eye on things and alert you if something is out of the ordinary.

Is their infrastructure redundant?

What if your phone system goes down? Will you be able to efficiently serve your customers in the event of a natural disaster? Your provider should have geographically distributed fail-over infrastructure and backup protocols in place to keep you online during unexpected outages.

Do they offer Fax over IP (FoIP)?

VoIP Phone Security.

FoIP or ‘virtual fax’ packetizes faxes as an image and sends them from point A to point B in transport protocol. This is more efficient and more secure than traditional fax. FoIP keeps both fax transmissions and physical machines safe from intruders.

FoIP is easy to set up as it can leverage existing networks. It also increases the capabilities of remote workers by allowing them to receive the same faxes that in-office staff can, even without a fax machine!

Where is your provider located?

Are they a Canadian company? Is your data being stored within the country? Could you be unknowingly in breach of Canada’s privacy laws?

This is one of the most important set of questions to ask your provider. If your data is in the hands of an American-owned company or is being stored partially or fully outside of Canadian borders, you are not successfully adhering to government privacy laws. Using a 100% Canadian-owned provider whose data centres reside on Canadian soil is fundamental for compliance.

Most Importantly: Do they provide security for your phone system from A – Z?

Are they knowledge and up-to-date on the latest threats affecting VoIP systems? Are they always looking to employ the absolute best practices in the industry to keep you safe?

Ideally, your provider should communicate with you, inform you and listen to your concerns. They should be approachable, helpful and perceptive. You should come away from every interaction feeling like you have made the right choice.

So many threats are awaiting an unprotected phone system, and new ones are being created every second. If your current provider cannot deliver satisfactory answers to these questions then you may be taking a gamble with your safety.

If you are feeling unsafe, it is time to upgrade. Don’t wait until something goes wrong before making the switch. In part three of this series, we will be providing a checklist that will help you evaluate a potential provider. It will include a number of wide-ranging considerations that are crucial to finding the company that truly compliments your business.

Keep Your Business Phones Free From Intruders

Contact Telecom Metric for a Network Security Assessment