In recent months, there has been an increased scrutiny on how secure modern communications are. There was the United States government wanting a way to access your personal information on your cell phone without your knowledge. Additionally, in mid-October, a widespread hack that affected modern WiFi encryption was revealed. While these are attacks on personal information, they also have distinct implications for businesses. So while everyone’s focus is on security, now is a good time to address what a few of those terms mean, and how they affect your business.
VOIP – Hosted vs. Premise-based Solutions
Every business relies on some form of voice communication. When choosing their phone systems, many companies turn to voice over internet protocol (VOIP) as a way of bundling their voice communication with their online presence. One of the chief security decisions when dealing with business VOIP solutions is choosing between hosted and premise-based VOIP solutions. But what does this mean and how does it affect the security of your company?
Premise-based VOIP means that the servers and tech that handle your VOIP calls is on-site. Your IT department is responsible for maintaining it and the security of the communications. This is a great solution for a small business, but if you experience rapid growth, you could find yourself outgrowing your VOIP capabilities.
A hosted VOIP solution means that the servers are hosted offline by your VOIP provider. This not only relieves you of the concern for security but also what to do if you suddenly need ten new lines. A hosted solution will scale quickly and easily for you. That also means that your IT guy won’t suddenly be stressed out about having to secure your new equipment.
Wireless and Internet Solutions
Internet security is essential to your company. Viruses and malicious attacks cost businesses over $450 billion around the world. Whether it’s a simple clean up because of a downloaded virus or a full-blown ransomware attack, the security of your computer infrastructure is a major concern.
It affects multiple things, from how you choose your web host provider to how you train your new employees in the basics of internet security. While protecting your company, there are some keys to ensuring its safety.
· Don’t download anything without clearing it with your IT department.
· Never click on links in an email.
· Don’t use personal flash drives or external storage on company computers.
These basic rules are great when it comes to securing your wired infrastructure, but what about your wireless network?
Wireless integrity can be a bit trickier. The standards for wireless encryption have changed drastically over the past ten years. The first encryption protocol was the Wired Equivalent Privacy (WEP) protocol. This was supplanted by the Wi-Fi Protected Access (WPA) protocol while a more robust solution was developed. That solution ended up being WPA2, whose vulnerabilities were revealed by the KRACK hack.
WEP is the least secure method of wireless encryption. It was introduced in 1997 and was first cracked in 2001. It is extremely easy to break, and no company should be using this method.
WPA2 is the most robust form of wireless security currently in place. This protocol allows for the use of an authentication server instead of a common passphrase. Server authentication issues a certificate to a valid user that is checked every time they attempt to log in.
Keep in mind that the most vulnerable aspect of any system is the passphrase selected by a user. For example, “1234” or “password” are still commonly used passphrases. This makes those systems vulnerable to attack. When dealing with the security of your company, employee education is perhaps the most important link in the chain.