IT security is at the forefront of every business owner’s mind, and SIP trunk security should be included in every security plan.
Unencrypted SIP traffic when sniffed on the network can be decoded and listened to as if the attacker were on the call themselves, making it crucially important to secure your network.
Based on recommendations from top IP PBX providers, we have compiled the most important considerations for ensuring your SIP phone system is secure.
Whether you intend on deploying VoIP in-house, or working with a certified partner, understanding these security principles will assist you in ensuring your phone system is resilient against network attacks.
Using a strong and unique password for your IP PBX management console
Choosing a password for IP Phones
Some IP PBX servers do not require passwords on SIP Phones, or allow blank or short, simple passwords.
Despite the convenience of this, it is strongly recommended that each phone on the PBX has a strong and unique password. 3CX for example, will automatically change the password on the phone when it is provisioned, this saves time and helps with management of the phone system as a whole.
Planning for SIP Security
- Secure SIP
- IP blacklisting
- Anti-hacking settings
Segregating your networks
Segregated networks often see less congestion, which is particularly notable at busier times of the day, and should an issue arise on one network, it remains localised and other areas of the business are able to function as normal.
Segregation of networks for different departments may not be right for your business, however if it is something you are interested in we recommend speaking to your IT provider.
Allow only required services
Should you require your IP PBX to be connected to the internet, it is best practice to ensure only the required services are able to access the phone system.
Using an Intrusion Detection System (IDS)
Host-based IDS – Analyses log files, file system modifications and event logs
Network IDS – Monitors activity across the network