Most small businesses operate on limited budgets, and unexpected expenses can derail even the most best laid out business plans. So imagine getting a phone bill for $200,000—when you expected only a small fraction of that! You’d probably be hoping that your service provider made a mistake, but it’s much more likely that your small business phone system has been the victim of phone hacking scheme.
How Does it Work?
VoIP phone calls are as vulnerable to hacking as any other internet transaction. In this scheme, hackers lease premium phone numbers—sometimes in the U.S. but most often in other countries—like the ones used to call psychic hotlines, and then use your small business phone system to call those numbers. At rates that often top $1 a minute, total charges can add up quickly. In fact, these hackers usually employ high-speed computers that can generate hundreds of calls per minute—and they get a cut of each one. You, on the other hand, get stuck with a massive phone bill.
What Can You do About it?
While nothing on the internet is completely impervious to hacking, there are several things you can do to make your small business phone system more secure:
1. Read your Service Agreement
The first step is to thoroughly understand what you’re buying. You may be paying for some services you don’t really need. Not only will canceling those services save you a little money each month, it will also shut down some of the ways in which hackers can exploit your system. It’s also important to read the fine print about how your provider handles fraudulent charges (who pays, for instance). If you don’t understand the policy or if you have questions about it, ask.
2. Establish a Budget
Work with your carrier to determine the maximum you’re willing to spend on a daily or weekly basis. Set the cap high enough that you’re unlikely to max out while conducting regular business but low enough to prevent hackers from doing serious damage, and specify that additional charges will be considered unauthorized. It’s an easy, reliable way to limit your liability.
3. Create Password Standards
Require everyone who uses the phone system to set up complex passwords that include a combination of letters and numbers. The longer, the better (up to 16 characters). And limit the number of people who have access to master system passwords.
4. Limit IP Addresses That Can Make Calls
Using strong passwords is an obvious way to reduce your risk, but it’s not the only way. Very few businesses need to make calls from an unlimited number of IP addresses. Work with your provider to identify a list of allowed IP addresses, remembering to include those of any employees who are authorized to use the system from home. Attempted calls from any other IP addresses will be shut down.
5. Talk to Your VoIP Provider
Stay up-to-date with how your VoIP provider is taking steps to secure your small business phone system. A reputable provider should use a Secure Internet Protocol (SIP) trunking service to shut down any non-secure connections. Your provider should also use Transport Layer Security (TLS) to allow client/server applications to communicate securely. In addition, ask about adopting direct access circuits that allow only calls that are made from within your business.
We all know that the things we do online are subject to hacking and other security threats, but we sometimes forget that those same threats apply to VoIP calls. The benefits of a VoIP small business phone system—like reduced costs and enhanced customization—far outweigh the risks, but you can reduce those risks even further by taking these steps to secure your phone system from hacking.
This article was originally published by TTI Houston