Norton Article Library

Introduction

Are the attractive, feature-rich package deals offered by cable providers and low monthly costs tempting you to ditch your traditional phone service for a Voice over IP (VoIP) communication line? More and more people around the world are signing up for VoIP phone service in their homes. However, VoIP is Internet-based, which opens it up to a host of vulnerabilities that you never had to worry about with traditional phone lines. Learn more about these risks and ways to keep your VoIP line safe.

The vulnerabilities of VoIP

VoIP lines are susceptible to the same kinds of attacks which your Web connection and email are prone to, and security experts predict that attackers are busy fine-tuning new VoIP-specific attacks and threats. Before you sign up for VoIP, you should be aware of these potential vulnerabilities:

• Spam: VoIP is subject to its own kind of unwanted marketing, known as “Spam over Internet Telephony,” (SPIT).
• Interruptions: Network attacks like worms and viruses can disrupt service, or even take VoIP service offline.
• Voice phishing: Also known as “vishing ,” happens when an attacker contacts you using VoIP and attempts to trick you into divulging valuable personal data, such as credit card or bank account information.
• Privacy loss: Most VoIP traffic is unencrypted, making it easy for intruders to eavesdrop on VoIP conversations.
• Hacking: Hackers can gain access to your VoIP connection and use your line to make calls, and in some cases, sell your connection information on the black market. Once inside your home network, hackers can poke around to uncover sensitive information you may have stored on your PC.
• Net and power reliant: Any time your Internet service or power goes down, so will your VoIP service. Not being able to make outgoing calls from your home phone in case of an emergency can be risky, so make sure you always have a charged cell phone as a backup.

Shoring up the risks

VoIP communications offers a great value and comes with many cool features – just make sure to deploy it securely by taking these precautions:

• Secure your equipment: Select VoIP equipment that uses current wireless security standards such as WiFi Protected Access (WPA), WPA2, and IEEE 802.11i. Avoid relying on Wired Equivalent Privacy (WEP) security – it’s an older and less secure technology.
• Authentication and encryption: Turn on any authentication and/or encryption features available with your VoIP system. This will help keep unauthorized people out of your network and ensure privacy for your calls. WPA, WPA2 and IEEE 802.11i devices all come equipped with advanced encryption and authentication technology.
• VoIP firewall: Use a firewall specially designed for VoIP traffic. The firewall will identify unusual calling patterns and monitor for signs of attack.
• Two connections: If feasible, have a separate Internet connection for your VoIP line, so viruses or attacks threatening your data network will not affect your phone.
• Up-to-date antivirus: Use up-to-date antivirus and antispam technology on your devices.
• Awareness: You can act as a solid line of defense by being on the lookout for strange activities on your VoIP line and by being familiar with techniques attackers use.

Broadband Internet connections have become almost ubiquitous, making VoIP a possibility in more places than ever. VoIP is attractive because of its low fixed cost that includes a number of extra calling features. Just as you should before adopting any new technology, you should know about the risks of VoIP. However, despite the risks, there is no reason to let security fears stand between you and VoIP, as long as you take the precautions mentioned here.

Related Links

Viruses & Threats: Conficker Worm (aka April Fools 2009, April 1st Virus)
Norton Smartphone Security
VoIP Calling Loud and Clear
Norton Downloads