Recently I was reading an article that outlined how IT executives are starting to foresee VOIP security issues as the technology makes its way into more and more businesses.
The latest stats indicate "that two-thirds of Canadian businesses are using an IP-based VoIP telephony system as their primary telephone system, and this number continues to rise. Meanwhile, wireless connectivity is becoming the status quo, with 90 per cent of Canadian businesses using smartphones."
Naturally, security issues need to be paramount with any relatively new technology -- although VoIP in Canada is already 10 years old, so hardly "new" -- and especially one that is becoming ubiquitous across industries.
Some of the discussion highlights in the article included reference to phone settings and Wi-Fi in order to safeguard users. As the many advantages of hosted VoIP become increasingly evident to businesses, I think it's important to clear up a basic misconception when it comes to security:
Your Wi-Fi security and your VOIP security are NOT the same thing.
By this, I mean that even if you are connected to your VoIP system through an insecure Wi-Fi network, it does not therefore follow that your VoIP system is automatically vulnerable to hackers.
In order to get into the VOIP system there are additional passwords required. The conversations themselves are encrypted. Certainly the ability to have your phone accessible across multiple platforms makes it vulnerable to hackers generally, but the security issue concerns are related to data network/hardware security issues -- not VoIP itself.
With this in mind, here are three tips for maintaining VoIP system security:
1) Restrict password permissions
Business grade VOIP apps have an extra layer of security that has to be activated in order for a user to become connected. When launched on a computer, a VoIP unified communications (UC) app will require users to register with their unique user name/password every time. Companies can restrict "remember me " options and require users to sign in every single time. That means that even if the VoIP app is attacked in the computer there will be always be another password that would need to be hacked as well in order for someone to get into the system.
2) Use the safeguards available
It should be noted that even if hackers managed to get the password and hack into one phone, it wouldn't affect the entire network -- it would only affect one user. Fortunately most business grade services have "fraud detection" monitoring and can determine if there are an unusual number of minutes being racked up and will flag it. Watch user trends and stay on top of alerts or changes in tracked usage.
3) Exercise common sense when working remotely
Common sense is one of the main security measures you can employ. It's simply about being aware of your surroundings, where you keep passwords stored (i.e. if someone gets into your computer will they easily locate a file marked "passwords"?) and noticing, literally, who may be looking over your shoulder.
Calling it a VoIP security issue when someone has your passwords is like calling it a bank security issue when someone takes your money after finding your card and PIN together -- it's not.
No network is perfectly secure. But a clearer understanding of VOIP and its security measures coupled with the basic best practices that every company should implement will help ensure better overall security for users. It will also help businesses looking at their telephony options to consider the real risks and benefits of VOIP in achieving their goals.
ALSO ON HUFFPOST: