How Secure is Voice over IP?
Since the announcement of the ISDN shutdown across many countries, everybody is talking about VoIP and All IP technologies. For businesses and private households alike, Voice over IP offers a number of advantages. But the question is how secure is Internet Telephony (VoIP) in contrast to the older, tried and tested ISDN business phone systems. With voice over IP, calls are no longer routed via ISDN but rather over your Internet connection. As the Internet is often portrayed as inherently insecure, for many it begs the question just how secure – if at all – a voice over IP connection actually is.
Is VoIP encryption possible?
In a word, Yes. Thanks to technologies such as SIPS, sRTP, TLS or End-to-End Encryption, it is possible to encrypt VoIP. And by the way, such encryption possibilities did not exist for conventional ISDN fixed lines. ISDN technology runs over so-called backbone cables, which were coincidentally often tapped and eavesdropped on by hackers. Basically, modern IP and VoIP technologies are far more complex compared to analogue and ISDN technology. VoIP communication, however, normally runs over fibre optics networks, which for hackers relates to more difficulties and time needed due to the complexity of the structure. Realistically, it is often the case that security issues arise from potential security gaps that stem from the structure of a business’ IT infrastructure being exposed. Unfortunately, too many companies (although this is changing) do not build their networks conscientiously enough and thus unwittingly leave the doors open to hackers. In essence, when installing a business VoIP phone system, choose a vendor who is able to clearly answer your security questions and have a specialist do the installation whilst also taking every step possible to ensure the security of your company data.
Which VoIP encryption technologies are available?
The most common IP telephony encryption methods include:
SIPS: (Session Initiation Protocol Security) is a network protocolling technology for establishing, controlling and deconstructing a communication session between two or more participants and is a commonly used protocol in VoIP phone systems. Another significant advantage is that by separating sessions and media, both data streams can be encrypted independent of one another, adding further complexity for unwanted attackers to sift through.
TLS: (Transport Layer Security) another common encryption tool is used to encrypt signalling using SIP over TLS. TLS is a cryptographic protocol that has replaced SSL (Secure Sockets Layer) and is designed as an IT network communications security protocol. It may be the case that your Voice Provider offers TLS encryption, but when choosing a phone system, it is important to choose a vendor, such as pascom that supports TLS encrypted communication.
SRTP: (Secure Real-Time Transport Protocol) is the encrypted version of RTP or Real-Time Transport Protocol. In contrast to RTP, SRTP includes advanced identity control tools.
End-to-End-Encryption: In plain English, End-to-End encryption is the VoIP encryption of all transmitted data across all transmission stations. Only the communicating partners (i.e. their respective endpoints) can receive and decrypt the message.
Provider certifications
Before you decide on a particular VoIP phone system for your business, you should confirm you’re your chosen provider holds a range of certifications.
Important certificates which your Cloud Phone System and VoIP Provider should hold include:
- ISO/IEC 27001 The International Standardization Organization.
- AICPA SAS 70 The American Institute of Certified Public Accountant.
- ECSA EuroCloud SaaS Star Audit Europe
- Germany’s TÜV Trust IT Certification.
pascom’s business communications platform ensures a secure SIP, TLS (SSL) VoIP encryption, and are exclusively “hosted in Germany” in approved data centres (naturally with TÜV Certification) coupled with 100% “Made in Germany” solutions that guarantee maximum availability at unbelievably attractive prices.
pascom’s latest 100% Cloud-ready solutions and in particular pascom’s hosted Cloud phone systems offer the optimal balance of high-performance, flexibility and security. All business intelligence, i.e. customer data, is stored in a closed, protected environment. In pascom’s hosted cloud variation, the specifically developed multi-tenant / multi-instance hosting platform ensures that each pascom phone system instance is containerized and belongs exclusively to only one tenant (i.e. customer). Thus each instance is insulated from the others, meaning that unlike other cloud providers, a falsely configured phone system cannot “infect” another phone system as well as preventing direct access to data belonging to other customers and vice versa.
Is it possible to exchange VoIP encryption?
Full security is delivered via TLS encrypted SIP. As such, you can easily communicate with partners via VoIP over IP. For each call, the key must be exchanged during the call construction process. Similar to HTTPS, the keys also use SIPS certificates. The identification is regulated via the SIP protocol, meaning not every client requires their own certificate. As a result, encrypting communication is no longer an obstacle thanks to SIPS certificates.
When it comes to security, Voice over IP in under not circumstances inferior to ISDN. On the contrary, compared to ISDN, by VoIP solutions it is possible to significantly increase the degree of privacy with the aid of encryption technologies and mobile VoIP smartphone apps, such pascom’s mobile app for Android and iOS. By using pascom’s mobile app, users can also benefit from VoIP communication while on the move without fear of hacker attacks. The apps are configured using secure, encrypted QR codes and all calls will be routed using encrypted SIP over either mobile data (e.g. Voice over LTE) or a Wi-Fi network with which the smartphone is connected.
Increase your business productivity and enjoy the benefits of VoIP
With pascom’s VoIP business communications and collaboration solutions, substantial increases in productivity within your company can be realised. By integrating mobile devices, you will be able to enjoy worldwide availability in your office number, regardless of where the phone system is hosted.
Moreover, with advancements in audio technology such as HD audio and OPUS codecs, you will also enjoy a significantly improved audio quality. HD standards and in particular OPUS codecs are great for enhancing audio and in the case of OPUS, the codec is scalable to your available bandwidth meaning it adapts according to your current Internet connectivity conditions and even at its most comprised, still offers comparable quality to the ISDN. However, both call parties HD enabled IP phones in order to be able to enjoy these benefits, but lucky almost all modern phones and mobiles offer HD support, so it is not really a major concern.
A further VoIP benefit includes having the ability to upgrade your call management. Professional call management is essential for excellent customer service and projecting an image of professionalism. Legacy phone systems often had limited and/or costly call management modules, whereas IP based systems deliver much more functionality per default. With a pascom solution, IVRs, AutoAttendants and automatic call distribution and forwarding are all included as standard features. For example, should you currently be in a meeting or working on an important project not wanting to be disturbed, it is possible to, either automatically or with the click of a button, transfer incoming calls to another free colleague all without the caller having to wait for any prolonged period of time.
Give the pascom team a call on +49 991 29691 0 to discuss your requirements and get started within minutes using our free hosted business VoIP phone system edition!