What security defenses should we expect from VoIP service providers? Although some experts say that the providers offer encryption, I've heard that that is not always the case.
The advice that you've heard is correct. Many VoIP providers do not offer encryption services due to the difficulty inherent in encrypting voice traffic without producing a noticeable degradation in speech quality. When deploying an enterprise VoIP product, carefully consider the security measures used by the tool.
First, unless your provider offers encryption, you should definitely consider placing the call manager at your site. Doing so allows for all of the benefits of a VoIP network within the walls of the organization, but preserves the traditional security of the wired PSTN for calls leaving the enterprise.
In addition, you should provide security for internal calls as well; tools like Wireshark make it easy for savvy users to identify VoIP traffic and eavesdrop on VoIP calls. The simplest thing you can do is separate voice and data traffic on your network. Create segmented VLANs for all voice devices and use both policy and technical measures to prohibit the use of data devices on those VLANs. When configuring these protections, don't forget that most VoIP phones come with a data jack designed to allow users to share a single wall jack (and VLAN assignment!) between their phones and PCs. You'll want to disable those jacks!
Dig Deeper on VLAN Security Management
Related Q&A from Mike Chapple
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach ...continue reading
The proposed CFTC regulations on cybersecurity testing are set to finalize in 2016. Expert Mike Chapple discusses the effects these regulations have ...continue reading
Whether Apple is a HIPAA covered entity was called into question when it advertised for a health regulations lawyer. Expert Mike Chapple discusses ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.