Internet Security for Voice Communications

Larry Clarkson
AudioCodes, Director, Product Marketing Group

With all the news about cyber criminals stealing account numbers and identification codes, most of us are pretty careful about ensuring that we use encrypted sessions for e-commerce activities such as online shopping or banking. We are also concerned when we hear about yet another organization’s confidential electronic records being compromised. But how often do we think of our voice communications in the same light?
Celebrities who have had their cell phones hacked, and their voicemail and address lists shared with the world over the internet, surely do. But most people still see voice communication the way they always have: outside of a police wiretap, what you did over your phone could largely be counted on as being private.
But what was true for the PSTN with its contained Telco wiring is not so true for the new world of cellular and VoIP phone services. Calls from your cell phone travel over radio frequencies that anyone with the right kind of receiver can access, and VoIP calls often transit the exact same internet that we’re all so careful about from a data perspective. Yet few people think about the security of their voice call when entering account numbers and passwords via DTMF or voice commands over the phone in order to access financial or other confidential data.
Fortunately, some people have thought a great deal about this, and the kind of mechanisms used to secure data sessions can be applied to voice sessions as well. However, implementing this security is a complex undertaking with a number of different facets, and ideally should be considered from a network-wide perspective.
The most intuitive aspect is securing the content of your call so that no one can intercept your packets and listen in on your conversation or IVR session. VoIP media is carried by a protocol called Real-time Transport Protocol (RTP), and there is a secured version called Secure Real-time Transport Protocol (SRTP). SRTP can be used to provide full media encryption, or only the considerably lighter-weight task of authentication.
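An added example (not from the original article or from AudioCodes) of the authentication-only mode mentioned above. It follows the RFC 3711 default of an HMAC-SHA1 tag truncated to 80 bits, computed over the RTP packet plus the rollover counter (ROC). The key, the DTMF telephone-event payload and payload type 101 are constructed assumptions, and SRTP key derivation is skipped. The result shows that tampering is rejected while the DTMF digit stays readable on the wire when encryption is not enabled.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10  # 80-bit tag, the RFC 3711 default for HMAC-SHA1
RTP_HEADER_LEN = 12  # fixed header: no CSRC list, no extension

def build_rtp(seq, timestamp, ssrc, payload, payload_type):
    """Build a minimal RTP packet (version 2, no padding/extension/CSRC)."""
    header = struct.pack("!BBHII", 0x80, payload_type & 0x7F, seq, timestamp, ssrc)
    return header + payload

def _tag(rtp_packet, auth_key, roc):
    # RFC 3711 section 4.2: MAC over the RTP packet followed by the 32-bit ROC.
    mac = hmac.new(auth_key, rtp_packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]

def protect(rtp_packet, auth_key, roc=0):
    """Authentication only: append the tag, leave the payload in cleartext."""
    return rtp_packet + _tag(rtp_packet, auth_key, roc)

def unprotect(srtp_packet, auth_key, roc=0):
    """Return the RTP packet if the tag verifies, otherwise None."""
    if len(srtp_packet) < RTP_HEADER_LEN + TAG_LEN:
        return None
    rtp_packet, tag = srtp_packet[:-TAG_LEN], srtp_packet[-TAG_LEN:]
    if not hmac.compare_digest(_tag(rtp_packet, auth_key, roc), tag):
        return None
    return rtp_packet

def demo():
    key = bytes(range(20))  # constructed 160-bit key; real SRTP derives it from a master key
    # Constructed RFC 4733 telephone-event: digit 5, end bit set, volume 10, duration 800.
    dtmf = struct.pack("!BBH", 5, 0x80 | 10, 800)
    rtp = build_rtp(seq=1, timestamp=160, ssrc=0x1234ABCD, payload=dtmf, payload_type=101)
    srtp = protect(rtp, key)
    tampered = bytearray(srtp)
    tampered[RTP_HEADER_LEN] = 9  # change the digit in transit
    return {
        "accepted": unprotect(srtp, key) == rtp,
        "tamper_rejected": unprotect(bytes(tampered), key) is None,
        "wrong_roc_rejected": unprotect(srtp, key, roc=1) is None,
        "digit_visible_on_wire": srtp[RTP_HEADER_LEN],  # readable without the key
    }

if __name__ == "__main__":
    print(demo())
```

Where callers enter account numbers or passwords via DTMF, the authentication tag alone does not hide those digits, so media encryption is the setting to verify on such paths.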
In addition to securing the media path, the interfaces used for billing, session control, and maintenance should also be secured to ensure that network elements themselves are protected against unauthorized access. Session control is typically accomplished with Session Initiation Protocol (SIP), which can be secured with Transport Layer Security (TLS). Maintenance access can be secured with Internet Protocol Security (IPSec), Simple Network Management Protocol version 3 (SNMPv3), or in the case of Web access, with HTTPS (HyperText Transfer Protocol over Secure Socket Layer). Device control sessions such as H.248 or MGCP can also be secured with IPSec. Other mechanisms, such as explicitly provisioning the IP addresses of devices from which communication is permitted, are also useful.
Finally, no amount of electronic security helps unless the human interfaces are also secured. This involves mundane aspects like user names and passwords providing different levels of access. Rules for things like password length, composition, and frequency of change are often required to be enforced by the system. A Remote Authentication Dial-In User Service (RADIUS) server can be used to coordinate the user name and password functions across many network elements, which keeps their administration manageable.
In addition to securing network elements themselves, the network as a whole can be secured with Session Border Controllers (SBC), or in IMS terms the Border Control Function and Border Gateway Function (BCF/BGF). These are devices that can be placed at the edge of networks to provide many types of protection, including Network Address Translation (NAT), session admission and control, and Denial-of-Service (DoS) protection.
AudioCodes Gateway and Media Server products provide world-class security protection for every interface, and have met the demands of some of the world’s most security-conscious networks, including passing the exhaustive tests required by the US Department of Defense’s Joint Interoperability Test Command (JITC). In addition, AudioCodes provides Session Border Controller capabilities for protecting networks as small as an office, and as large as you need.
Let us put AudioCodes’ security expertise and experience to work for you. Give your AudioCodes account representative a call today. Visit www.audiocodes.com for your nearest representative.