Security for your VoIP network is essential to protect you and your business from fraud, spam, and malicious intent. Over two thirds of all cyber attacks are crime syndicates; organised bodies specifically created to extract/detain/destroy information for the purposes of financial gain. The following checklists are examples of the measures we take to protect our clients from cyber-crime.

PBX Checklist

Keeping your telephone system on the latest software provides you with the latest security features. The older your software, the more vulnerable you become.

  • Block voicemail trunk to trunk transfers 

  • Block/PIN access on international calls

  • No voicemail passwords as default

  • Change development & service level passwords on the system from default

  • Block premium numbers (number starting 09, 14109, 128009)

  • Block directory enquiry services (numbers starting 118, 141118, 1280118)

  • Block speaking clock (123, 141123, 1280123)

  • Block outbound/international outbound calls when in night service (still allow 999 and 112)

  • Session Border Controller for all IP voice phone systems

Trunk Line Checklist

Not all trunk lines have the same options, which is why it is worth speaking with a specialist before selecting a trunk line type and provider. SIP trunks offer the most options for security due to the newer technology.

  • Call spend threshold: outbound calls blocked when a monthly spend threshold is reached

  • Near threshold alert: email announcement when a percentage of threshold is reached

  • Block international call barring: where not required by the business

  • Fraud insurance: a small fee per trunk line per month to insure against the cost of Phreaking 

  • Account contact verification: only authorised employees can request trunk line actions

  • Variance checking: comparing the current period of billing against the previous period

Cyber Checklist

With the latest VoIP technology allowing voice onto the data network, it is worth taking another look at your network security. Does the UC phone software provide a backdoor onto your data network, now they are linked?

  • Voice network firewall: prevent the rerouting of calls even if the system or voicemail is compromised

  • Data network firewall: prevent unauthorised access to the data network

  • Cyber Essentials: Government supported scheme setting out recommended standards 

  • Pen test: network/system survey to identify possible vulnerabilities

If you have not had a discussion about security and Phreaking, please get in touch immediately. Telephony fraud is not just an inconvenience; there is a very real phone bill that needs paying if you are compromised.