VoIP Security Checklist

Keeping your telephone system on the latest software provides you with the latest security features. The older your software, the more vulnerable you become.

• Block voicemail trunk to trunk transfers 

• Block/PIN access on international calls

• No voicemail passwords as default

• Change development & service level passwords on the system from default

• Block premium numbers (number starting 09, 14109, 128009)

• Block directory enquiry services (numbers starting 118, 141118, 1280118)

• Block speaking clock (123, 141123, 1280123)

• Block outbound/international outbound calls when in night service (still allow 999 and 112)

• Session Border Controller for all IP voice phone systems

Not all trunk lines have the same options, which is why it is worth speaking with a specialist before selecting a trunk line type and provider. SIP trunks offer the most options for security due to the newer technology.

• Call spend threshold: outbound calls blocked when a monthly spend threshold is reached

• Near threshold alert: email announcement when a percentage of threshold is reached

• Block international call barring: where not required by the business

• Fraud insurance: a small fee per trunk line per month to insure against the cost of Phreaking 

• Account contact verification: only authorised employees can request trunk line actions

• Variance checking: comparing the current period of billing against the previous period

With the latest VoIP technology allowing voice onto the data network, it is worth taking another look at your network security. Does the UC phone software provide a backdoor onto your data network, now they are linked?

• Voice network firewall: prevent the rerouting of calls even if the system or voicemail is compromised

• Data network firewall: prevent unauthorised access to the data network

• Cyber Essentials: Government supported scheme setting out recommended standards 

• Pen test: network/system survey to identify possible vulnerabilities