VoIP Security

VOIP Security testing and Analysis

Voice over IP (VoIP) networks can fall victim to the same security risks that threaten data networks, so Context always recommends thorough and rigorous security testing of any VoIP network. These tests include a reconnaissance exercise to determine which protocols are in use; examination of all types of VoIP handsets in use within the network, together with voice servers and border protection systems; network sniffing, to collect VoIP calls then replay them in an audio format; assessment of the potential to use the network for a denial of service (DoS) attack; and packet analysis to assess authentication mechanisms.

Telecom Security

Effective telecoms security is just as important to the operational health and safety of an organisation as IT security, and Context offers a range of services designed to protect against attacks on telephony networks. These include security assessment and auditing services, to help protect against attacks on telephone PBX, Interactive Voice Response (IVR) and Automatic Call Distribution (ACD) systems. Left unsecured, these systems could be exploited by external attackers or internal staff intending to perpetrate toll fraud and the theft and resale of long distance call services. We also assess the security of voicemail systems, through which it may be possible to access confidential information.

Other services include testing the security measures that protect staff working remotely or from home; the physical security of the telecoms infrastructure; the telecom carrier's system integrity; and power supply backup facilities. We can also advise clients on voice network design, security product selection, installation and ongoing technical support.

We also offer services designed to help organisations moving to a VoIP platform, including baselining of existing resources, which helps clients understand their current use of telephony resources, and a full set of security services designed to help secure VoIP networks.