One of the things we let our customers know about is the concerns that they should have when using VoIP (voice over the internet protocol) with our conference call system. We have nothing against VoIP, in fact, its technology and we embrace it around here, but in my experience, it can be troublesome for sound quality and connection reliability. We have so many questions about using VoIP with our system we wrote a useful guide about VoIP.
The one thing we cannot advise clients about is the security of VoIP. Unfortunately, for us, there are too many carriers out there for us to do a comprehensive review; however, I did come across this from VOIPSA, a nonprofit organization who want to spread the use of VoIP, while identifying the risks – and what is being done to prevent security breaches.
VoIP is, in essence, low cost phone service that travels through the internet lines to reach the destination number. The Insurance Report released from VOIPSA makes one thing very, very clear – “all internet servers are susceptible to hacking”. Much like a Trojan attack on your computer, VoIP can be left open for cyber-attacking: theft, hijacking, rerouting calls, eavesdropping, you name it. If you’re calling “overreaction”, I want to think for a few minutes to the kind of information you give out over a VoIP phone, and now think about what could happen if someone with malicious intent was listening. Javelin Strategy and Research reported that by 2009, 1 in 10 US consumers had fallen victim to identify theft, costing an average of $500/person.
I think its cause for concern; you wouldn’t buy anything online from something that wasn’t PayPal, VeriSign, etc., secured would you? So why are we choosing to make phone calls on environments that are not secured? If you’re going to use VoIP be sure that you ask whoever is carrying your call some important questions:
Is security guaranteed?
If there is a breach, what is the carrier’s liability for any subsequent fraud/loss funds/etc.?
Do they have any suggestions to help secure your phone lines?
The service might be cheap, but you get what you pay for right? The first step to improving the security of VoIP is to classify it as “telecommunications” as defined by the FCC – this will force regulations and requirements. Until then, you might as well be reading your credit card off through a megaphone in the middle of Times Square.
What do you think – are you scared? Or is everyone just overacting?