If you want to secure your VoIP telephony as much as possible and protect it against eavesdropping attacks, encrypted SIP trunks are the solution of your choice! However, you can only achieve 100% security if all callers are on the same network. toplink shows you how it works!
How to achieve maximum security for your VoIP telephony
One thing is certain: ISDN will be gradually switched off until 2018 and replaced by VoIP telephony. Although Deutsche Telekom’s decision was made as early as 2014, the extent of this change is now beginning to penetrate companies’ consciousness and is reflected in increased demand on the market: Many companies recognize an urgent need for action and plan an orderly switch to VoIP.
On the one hand, the new technology offers numerous advantages: A wide range of functions, high flexibility, simple configuration and high savings potential in telephone costs. On the other hand, hacker attacks, theft of credit card data, tapped cell phones or phishing incidents are regularly reported in the media. The scandals surrounding Wikileaks or the NSA affair, to name only the most prominent cases, have raised public awareness of this issue.
This raises the justified question of security: ”If telephony is going to work over the internet, will my telephony be as vulnerable to hacker attacks as the rest of my data on the internet?”; ”Can our company internal and trade secrets be spied on via VoIP telephony?”
Companies attach great importance to security for their telephony
Numerous studies have shown: Security and data protection have top priority for companies when it comes to internet-based services. We have already reported on this topic in other blog posts, you can read about it here. Prevent fee abuse successfully and read here about Cloud Usage 2015.
The crucial question is therefore: How secure is VoIP telephony? And what can companies do to maximize the security of their business telephony?
Encryption with ISDN: Not available
One thing must not be forgotten in the legitimate discussions about security in VoIP telephony: The tried and tested ISDN connection had no encryption at all. Basically, it would have been very easy to listen to the conversations of any person or company. All you had to do: Open one of the gray distribution boxes (e. g. cable junction box) on the side of the road with a standard square key, tap on the corresponding copper wire and listen to the conversation. However, it was only possible to listen to a call as long as you had physical access. A permanent wiretapping would have been quite cumbersome if you didn’t want to attract the attention of your neighbors too much.
To exaggerate a bit: It was technically not too much of a challenge to penetrate an external ISDN network, but it was very costly.
Encryption for VoIP: It depends on both sides
As we all know, everything has two sides to it: Because a VoIP connection is always internet-based, a professional hacker can easily access the data via the internet. However, whether or not he can read this data depends on its encryption.
Increase security through encryption
The following basically applies: A telephone call always runs between two telephone connections, the connection of the caller and the connection of the recipient. However, a telephone provider only has an influence on the security of a part of the telephone connection, namely the section between ”their” telephone connection and the voice switch. He has no influence on what happens to the data behind the switch after the call has left the operator’s network.
Security through encrypted SIP trunks
The encryption in VoIP telephony is based on the following principle: In order to encrypt a telephone call, the SIP trunk – the IP telephone connection responsible for setting up and dismantling the call – is secured by complex encryption protocols such as TLS (Transport Layer Security) or SRTP (Secure Real-Time Transport Protocol).
These protocols use an AES 256bit key. Experts assume that even a high-performance computer would currently take several hundred thousand years to crack this key. To date, this AES key is not known to be a practically feasible attack. AES is therefore the preferred encryption standard for governments, banks and high-security systems worldwide. This means: Within a network using this key, the connection data is securely encrypted. However, if the call leaves this network, security can no longer be guaranteed.
100% security only for internal network calls
There are three application scenarios.
- If you are calling from an encrypted to an unencrypted SIP trunk, then at least half of the connection is not secure and can be tapped.
- If all call participants each have an encrypted SIP trunk that is operated by different providers, the following applies: The calls are encrypted and secured from the end device to the switch. However, the route between the switches of the respective providers is unencrypted and thus theoretically vulnerable.
- 100% security is only available for calls within the network, where all callers are using an encrypted SIP trunk of the same provider. In this case, the call never leaves your own network and is not exposed to security risks or vulnerabilities.
What does this mean for your company?
If you want to guarantee a maximum level of security for your company’s internal and company secrets – i.e. all information that under no circumstances may be passed on to external persons at all – then you may only make calls within the network with your respective call recipients.
Securing internal communication between locations
If your company is distributed across multiple locations, make sure that all locations are connected via an encrypted SIP trunk of the same provider!
toplink is a pioneer in the encryption of SIP trunks
toplink was one of the first providers in Germany to recognize the crucial importance of encrypted SIP trunks. On request, our SIP trunks are equipped with TLS & SRTP on AES 256-bit encryption. toplink offers SIP-Trunks not only for national but also for international locations. This means you can make secure and encrypted international phone calls. Interested? Then contact us, we will be happy to advise you!