Home > Columns > CRM Columns

Worried about VoIP security?

Contributed article by Renaud Charvet, CEO, Ringover

~ Small businesses are at the highest risk of all cyber-attacks ~

Office architecture has been changing for three years. Meetings have become Zoom calls, a quick phone call an email, and an email an instant message. As the office landline becomes replaced with internet-based alternatives like Voice over Internet Protocol (VoIP), some businesses are questioning — is it secure? To help stave off concerns of cyber-attacks, Renaud Charvet, CEO of VoIP phone system provider Ringover, analyzes the security credentials of VoIP.

Cyber security is becoming more important for businesses to prevent data breaches, loss of revenue and depletion of customer trust. But how can businesses become more secure?

The rise in cyber-attacks

Nobody could have predicted just how quickly our work set-ups changed in 2020. At the time, many businesses scrambled to create remote working set-ups that, originally, were meant to serve as a short-term stop gap. Fast forward three years and there are now more permanent, hybrid set-ups that haven’t really grown in sophistication.  

Consequentially, cybercriminals recognized the vulnerabilities brought by unfamiliar working conditions. According to Microsoft, cyberattacks in the United States more than doubled in 2020, accounting for 46 per cent of all global attacks — with 700,000 attacks placed on small businesses.

Working from less-secure home internet connections, and in many cases from personal devices that haven’t been vetted by the IT team, takes much of the blame. In addition, the explosion of online tools to aid employee collaboration and productivity means business data is scattered across third-party vendors without much policing.

Knowledge is power

It’s critical that everyone in the organization is aware of cyber risks so they know how to prevent them. So, what sort of methods are used by cyber criminals to access crucial data?

As well as hacking of personal information like passwords and emails, a common cyber offence is phishing. This is where criminals ask for security information and personal details under the pretense of a trusted organization. The Anti-Phishing Working Group (APWG) observed 1,025,968 total phishing attacks in the first quarter of 2022.

Other methods cyber criminals may use include ransomware, a newer form of attack that became popular in 2021. As the name suggests, ransomware is used to block access to a computer system until a sum of money is paid. According to research from Nord Security’s file encryption software business NordLocker, US businesses suffered the highest rate of ransomware attacks in the world between January 2020 and July 2022.

However, cybercrime can span further than targeting users of devices like tablets and computers, and instead access phone calls. Vishing, or voice phishing, is the voice call equivalent of online phishing, which is used to access sensitive information by deceiving the person on the other end of the line to share security details.

Is VoIP more secure?

VoIP technology is helping businesses move away from traditional, landline forms of telephony. Its use has increased alongside the rise of remote working as VoIP has lower operating costs, is easily scalable and is completely portable. But, while VoIP offers a supreme level of network agility, it’s understandable that a business worrying about cyber-security may question its credentials. If calls are hosted over the internet, are they really secure?

Compared to physical landlines, VoIP can be more secure because it uses Session Initiation Protocol (SIP), which allows voice traffic to be compressed into media streams that are sent over an internet connection, rather than through traditional phone lines. Additionally, VoIP systems require login credentials that enable the user to connect through the phone. Multi-factor authentication is a reliable way to improve security by making it difficult for unauthorized users to gain access to the network.

In a worst-case scenario, businesses could be made vulnerable to cyber threats through a Voice over Misconfigured Internet Telephones (VoMIT) tool, where cybercriminals steal voice snippets and confidential information directly from calls. To overcome this, VoIP providers like Ringover use end-to-end call encryption to protect content, rendering it unreadable if it is hacked. 

While on the surface, VoIP may seem like it adds more opportunities for cyber criminals to attack, it’s actually more secure if you’re investing in a quality service. As technology continues to advance around us, so do the cyber threats we face. Businesses cannot bury their heads in the sand, and awareness of both long-used and newer forms of attack is vital to preventing breaches. VoIP is quickly becoming a vital tool in any flexible business’s arsenal and it’s important businesses make sure the phone system they choose helps keep their data safe.

About Ringover: As an international CCAAS solutions publisher, Ringover is the ideal, all-in-one solution for companies wanting to revolutionize their communication (telephone, video, text message, chat, etc.) and transform them into powerful engines of growth. Its features focus on productivity and supervision. The intuitive platform and 70+ business tool integrations (CRM, customer relationship software, etc.) have enabled this SAAS pure player to win over more than 10,000 companies worldwide, including NLDC, Changes UK, Talent.io and the AXA group. A telecom operator since 2005, Ringover has never stopped evolving and adapting to companies’ growing communication needs.

Born out of Paris, and expanded into Lyon, Barcelona, London and Atlanta, the company currently has over 220 employees.