Secure VoIP Service
The Importance of Secure Communications
Both governments and hackers are becoming more and more sophisticated in their attempts to eavesdrop and track our communications. The traditional PSTN phone system already had a well-established procedure for allowing taps on people's phones. The rise of VoIP and Internet chat however threw a curveball at government agencies who suddenly found themselves unable to obtain the transcripts that they previously had easy access to. To make matters worse for them, many technologies now incorporate encryption right from the get go.
Skype for example professes to implement integrated encryption that makes it difficult or even impossible for anyone to listen in. However, recent moves by Microsoft such as the filing of legal interception technologies raise the specter of them being able to hand over call logs to a third-party.
It's also important to keep in mind that security has to be implemented on both ends of a telephone call if it is to be truly watertight. There's no point in having high end encryption from your clients to the server if the other person on the call doesn't follow the same precautions. Recent legislative efforts in the US indicate that law enforcement agencies like the FBI are keen on obtaining backdoor access to all VoIP communication services - even those that are encrypted by default.
Points of Access
The kind of security you can expect and the technology you use depends to a great extent on the point of surveillance. Say for example the government is trying to obtain call records from the local ISP from whom you obtained your Internet service. Encrypting your communications from your VoIP client to the server will prevent this. The only data they can give is the time of the call and its length. If on the other hand the government goes directly to your VoIP provider instead, basic encryption will not help. What you need is end to end encryption instead.
None of this will help if the person at the other end is using the traditional PSTN phone system. The procedure for obtaining call records there is already well-established. Find out whether or not your SIP hosted VoIP provider supports encryption and SRTP technologies. Not all of them provide this facility.
Of course, certain other common sense precautions such as having strong passwords and/or changing them at regular intervals will go a long way towards preventing other kinds of break-ins that can end up costing your business a lot of money. Your hosted SIP PBX provider should be able to give you a few more tips on how to harden your systems.