 As telephone calling through the Internet, also known as Voice over Internet Protocol (VoIP), becomes more common, it has also drawn the attention of online attackers. Before you try VoIP, you should know the benefits and drawbacks, and how you can enhance its security. Benefits of VoIPVoIP service for consumers offers these features for both conventional telephone and cell phone customers: | • | Easy setup and use: In many areas, you don't even need a computer to get started; service is available through your telephone using a small adaptor. Major telephone, cable, and Internet providers also offer nationwide calling along with their other service packages. | | • | Voice storage: You can access VoIP voice mail online, store your conversations on your computer, and replay them whenever you like. |
Risks of VoIP| • | Theft: Attackers who can access a VoIP server can also get access to the stored voice data and the phone service itself, to eavesdrop or make free calls on your account. | | • | Attack from viruses: If a VoIP server computer is infected with a virus, it can result in loss of phone service for you. It can also affect other computers connected to that system. | | • | Unregulated technology: Though regulation is in progress, users are currently open to some specific vulnerabilities and scams. For example, telemarketers can use VoIP to deliver enormous numbers of mechanical voice messages to consumers, sometimes resulting in a system shutdown. Criminals can also use a process called caller ID spoofing (displaying a false caller ID signature to call recipients) to pose as a trusted official to trick you into divulging sensitive account information. |
Steps toward VoIP security| • | Use a junction box: Often supplied by a VoIP provider with your service package, a junction box brings VoIP directly into your conventional phone without the use of a home computer. This helps insulate your phone from attacks and helps protect your computer from viruses it could pick up through the Internet. | | • | Keep strong, private passwords: Create strong passwords to access the service Web sites that store your voice mail and other audio data. Don't share them with anyone. | | • | Help secure your own computer: If you use a computer to access your voice mail and VoIP account from a provider's Web site, help keep that computer protected with a firewall, regular software updates, antivirus software, antispyware software and strong passwords. |
In-depth: on VoIPNow that you know the basics of VoIP, here's some more advanced information about the technology, how it works, and the pros and cons of using your own computer as a VoIP server. Q: What are the benefits of VoIP as a digital technology? A: VoIP converts voice conversations into digital audio, which can be saved on a computer. This gives you flexibility in how you participate in a conversation. For example, in a conference call, with the VoIP meeting available online as an audio file, you can allow people who missed the meeting to catch up. Q: Why can't I just use my own computer as a VoIP server and bypass the service carriers? A: You can, but the junction boxes supplied by service providers are fairly easy to install, and help insulate you from online attack. That's because the boxes are hardware conduits that connect your phone directly to massive, corporate servers, which then handle the connections to and from the Internet. If you connect a VoIP phone to the Internet with your computer, you're exposing that computer and phone—along with any the other phones and computers you have on your network—to the same viruses and other attacks that can plague computers that are not VoIP servers. Q: I still want to use my own computer as a VoIP server. What's the best way to help protect it from attack? A: To begin with, you should: | • | Maintain strict access control: Keep your passwords private and limit access to the computers and Web sites that house your voice mail and other stored audio data. You can further increase security by allowing only approved people on a password-protected list to make and receive VoIP calls. | | • | Use all available security precautions: Keep up to date with your firewall, antivirus, and antispyware software. Use firewall and antivirus software that can perform VoIP-specific security checks. For networked computers, use routers that include Stateful Packet Inspection (SPI) firewalls. | | • | Require user names and strong passwords: Apply for both direct and remote access to the VoIP network, and keep all your operating system software updated. You should password-protect and encrypt, when possible, any wireless networks you use. This also applies to Smartphones and any other wireless data transmission devices. | | • | Use dedicated VoIP computers: Consider using a separate computer as your VoIP server, and do not connect it to other Internet-enabled computers. |
| |
