Legal Issues of VoIP Service in CaliforniaJanuary 8, 2016
Sonic VoIP Brings Unified Communications to the High DesertMarch 22, 2016
As more business owners in Apple Valley, Victorville and the High Desert area contemplate getting VoIP Service for their offices, many of them are bound to be tempted by the prospect of a do-it-yourself (DIY) installation. Business owners have clear advantages to going DIY; first of all, there are the cost savings to consider, followed by the valuable experience gained. However, when it comes to DIY VoIP, security tends to be ignored.
Getting infected by the DIY bug is easy; after all, installing Skype or similar messaging applications that provide some level of VoIP is fairly easy, and it is very common at the personal level. When it comes to enterprise-level VoIP installations, however, security is a major concern that should be handled by professionals.
Let Us Hear From Security Expert Paul Moore
A recent article by a respected information security consultant illustrates one of the major dangers of DIY VoIP installations. IT security expert Paul Moore is often invited to observe installations of VoIP systems and other wireless networking systems. In mid-February, Mr. Moore reported a few of his observations, and the most worrying was the use of default passwords for devices and apps.
The default password issue is not a new one. Many news headlines have been published about this security risk, which in the past was mostly associated with wireless routers and webcams. What Mr. Moore has observed is that the default configuration problem extends to the VoIP world, particularly to digital phones, switches and headsets.
Choose Sonic’s Professional Installation
A business owner who acquires a new VoIP device and simply connects it to an existing network may have a false sense of security. He or she may think that the network is already secured and that firewalls are installed in each router. This belief was shattered by Mr. Moore, who explains how easily an attacker can gain access to an unsecured VoIP system to listen to phone conversations, access logs, make calls, review voice mail messages, and more.
By choosing a VoIP phone and resetting it to a default configuration without being challenged by a single password, Mr. Moore was able to eavesdrop on calls and even gain access to certain network functions. He could have started dialing international numbers and billed them to the company without being detected.
Mr. Moore’s security demonstration is certainly scary, and it should be a warning to business owners who think DIY VoIP is a good option for their company.