VoIP is subject to the rules of the Internet. It has its strengths and its weaknesses. However, ensuring VoIP security
doesn't have to be the daunting task that one might expect. Here are four basic steps for ensuring that your customer's VoIP network is secure.
Secure VoIP in simple steps
Securing VoIP doesn't have to be a challenge for systems integrators and their customers. Because VoIP is basically a phone call over the Internet, it offers the same strengths and weaknesses as the Internet. But it's not as scary as it seems. Most of the tuning required to secure VoIP involves the same efforts as hardening Internet and Web connections your customer's network probably already has in place. And most of that work can be handled by the system integrator or VAR.
Here are four suggestions for protecting your customer's VoIP network:
- Run all VoIP traffic through a separate Internet connection, separating voice and data into their own network segments.
- Avoid cheap systems, rather partner up with more established vendors.
- Encrypt any VoIP traffic to ensure confidentiality.
- Place VoIP servers in a secure physical location.
Find a more complete list, including more best practices for ensuring VoIP security.
About the author
Joel Dubin, CISSP, is an independent computer security consultant in Chicago. He is a Microsoft MVP in security, specializing in Web and application security, and the author of The Little Black Book of Computer Security available from Amazon. You can visit his blog, The IT Security Guy, at www.theitsecurityguy.com.