VoIP SecuritySwitching your traditional analog phone to a VoIP service gives your phone system a lot of new capabilities, but it also opens you up to a new set of potential security issues. You shouldn’t let this scare you off from using VoIP, though, because for every VoIP security problem there are multiple solutions. By knowing about the different threats, as well as the tools your VoIP provider and other companies offer to combat them, you can dramatically increase your protection against cyberattacks and make your calls secure. Here are five security problems that may impact VoIP, and how you can solve them.

SPIT

Problem: Spam over Internet Telephony, otherwise known by the lovely acronym SPIT, is similar to spam email in many ways. Both involve unsolicited messages, often generated automatically, that waste your time and annoy you. However, SPIT is underestimated as a threat to VoIP security. That’s because some SPIT calls try to scam you out of personal or financial information, and SPIT is harder to detect than spam email because you can’t know the content of the call until you pick up the phone, while spam emails are easier to spot because they have a subject line.

Solution: Certain VoIP providers, such as 1-VOIP, include robocall blocking features with all of their plans, and every year those features get better at keeping random automated calls from reaching your phone. Additionally, several of the services we’ve reviewed, like Broadvoice and RingCentral, allow you to sign up with cloud-based call blocker Nomorobo. This blocker won a challenge issued by the Federal Trade Commission to develop a tool against robocalls, and works by quickly routing incoming calls through a second line to identify SPIT. You can also manually block specific numbers that send unwanted calls, but SPIT callers can often falsify their phone information to get around that — a tactic also used by traditional phone scammers. If manual blocking is the only defense you have against SPIT, you may still end up with a lot of junk calls.

Unencrypted Traffic

Problem: When you make a VoIP call, data flows from your device to your ISP, then to your VoIP provider, and finally to the person or people you’re calling. If that call data is unencrypted, then someone could potentially eavesdrop on your conversation at any of those points. Private information you mention over your VoIP could be used to steal your identity or socially engineer a family member to give out more of your personal data. While it is true that analog telephones are also unencrypted, VoIP phones are easier for cybercriminals to tap because the data flow is less centralized compared to the traditional telephone system.

Solution: The simplest solution is to find a VoIP service that provides encryption for your calls. Several business VoIP services, such as Vonage Business and Jive, offer encryption by routing calls directly through their cloud servers. Alternatively, you could set up a virtual private network (VPN) compatible with VoIP. VoIP VPNs create an encrypted private network between you and the people you’re calling, establishing a direct line of communication that is difficult to intercept. The cost of a VPN’s security, though, is paid in increased bandwidth usage. If you have dial-up or satellite Internet with a connection speed of only 1 or 2 Mbps, adding a VPN to your network may greatly degrade the quality of your VoIP calls. That said, those with high-speed Internet connections will likely not see a change in their call quality.

Hacking

Problem: One big benefit of VoIP is that it lets you access your number and voicemail from anywhere using a computer or mobile device. However, that also makes your phone service vulnerable to hackers. For example, a hacker on the other side of the world could break into your account to steal your information or gain control of your VoIP system. Since VoIP is connected to the Internet, hackers can attack in a lot of different ways, and if you want to be safe, you have to make sure you cover all of them.

Solution: No VoIP provider can completely protect you from hackers. The best way to minimize the chances of someone hacking you is to practice good computer safety and cybersecurity habits. Change all of your passwords and PINs away from their default options, and make sure the new passwords you use are strong. If you have a Wi-Fi network, protect it with Wi-Fi Protected Access (WPA) protocol, and set a strong password on it as well. For every computer and device on the same network as your VoIP, you need to keep all software updated, regularly scan for viruses and use caution when downloading programs or clicking links, as a single compromised system can quickly infect an entire network. When you’re traveling, be wary of using free Wi-Fi hotspots to make VoIP calls, as hackers can easily lurk on those networks. If they spot your VoIP traffic, they could listen in on your call or inject malware into your device.

Hardware

Problem: VoIP hardware, such as analog telephone adapters (ATAs) and IP Phones, can ship with security vulnerabilities that the manufacturer isn’t aware of until later. For instance, in 2015, IT hardware company Cisco found a security exploit in its SPA300 and SPA500 Series IP phones that let attackers remotely eavesdrop on VoIP conversations. These exploits may require firmware updates to fix, but in order to apply those updates, you have to be aware the problem exists in the first place.

Solution: This VoIP security issue is easy to fix. Periodically check to see if the manufacturer of the VoIP hardware you use has posted any security advisories. If they have, patch (or update) your hardware as soon as possible.

DDoS Attacks

Problem: Distributed denial of service (DDoS) attacks are becoming a more common threat, increasing in frequency every year. Most people don’t have to worry about being targeted by a DDoS attack, but if you run an online business or do anything that places you in the public eye (such as blogging or streaming), your chances of becoming a victim increase. A DDoS attack against your IP address will overwhelm your Internet service and temporarily disrupt your VoIP system.

Solution: For home VoIP users, a VPN is the best way to protect yourself from DDoS attacks. In addition to encrypting your Internet traffic, VPNs mask your true IP address, preventing attackers from sending their flood of worthless data to the right location. VPNs can help business users as well, but if you think your business is large enough to be a high-profile target, you may want to invest in dedicated DDoS safeguards. Companies like Cloudflare and Arbor Networks specialize in mitigating DDoS attacks, and they may be helpful for your business because they redirect excessive traffic to their own servers and absorb the blow while your VoIP stays online.

While all of these security threats may seem like a lot to worry about, once you get your defenses set up, you can rest easy knowing your calls are protected. All it takes to keep your VoIP secure is a little care, knowledge and the right tools. If you’re looking for a VoIP provider and security is your primary concern, read our VoIP reviews to see which service is right for you. Also, for more tips on how to get the most out of your VoIP, keep an eye on our VoIP blog.