VoIP Security Audit
Many organizations have begun migrating from the standard “copper wire” telephone systems to “voice over IP” (VOIP) technology. VoIP solutions aimed at businesses have evolved into “unified communications” services that treat all communications—phone calls, faxes, voice mail, e-mail, Web conferences and more—as discrete units that can all be delivered via any means and to any handset, including cell phones. While VOIP technology offers huge costs savings in many situations, it exposes voice communication to many of the “risks” only previously faced by data communications. While initially “free from hacker attacks”, VOIP is now more and more subject to “hacker” attacks that are aimed to disrupt, compromise or abuse VOIP traffic resulting in yet another way organizations face security threats to their operational assets. Specific VOIP security threats like “denial-of-service”, voice mailbox break-ins and unauthorized recording of VOIP conversations are becoming more and more common place.
KRAA SECURITY’s VOIP Security Assessment Service is specifically designed to assess your existing VOIP infrastructure and identify existing and potential security and reliability issues. Using a series of “toolkits” and processes, KRAA SECURITY staff will assess your VOIP infrastructure onsite as compared to existing “VOIP Best Practices”.
We will determine to determine the following:
- Security against DOS attacks
- Protection against general “unauthorized access”
- Protection against VOIP call “eavesdropping”
- Spam Over Internet telephony (SPIT)
- Call Floods
- Harassing Calls
- H.323 concerns
- Software Patch Level Compliance
- Resistance to Viruses and Malware
- Application Layer Gateway Concerns
- Use of Encryption Technology
- VOIP System Redundancy