IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Overcoming the SIP trunking security challenge

Why it's time for both vendors and resellers to take a new approach to SIP security

Security padlock on a cloud

For businesses of every size, the benefits of Voice over Internet Protocol (VoIP) are becoming ever clearer: reduced costs, greater scalability, improved disaster recovery options and access to the productivity benefits enabled by Unified Communications (UC). For the reseller and vendor community alike, this provides a significant revenue opportunity in sales of the underpinning SIP trunking technology.

However, in an era of near continuous security breaches, SIP trunking is inherently vulnerable. Unsecured environments are at risk of voicemail hacking, denial of service attacks and toll fraud – and despite the fact that no business would deploy email or any web application without security, this area remains a key solution requirement that is too often overlooked.

So how can vendors and resellers ensure the cost benefits of SIP trunking are not outweighed by the security risks, and help deliver a successful implementation and long-term, secure SIP trunking strategy?

Weighing up the Financials

Singularly, the number one reason for any business to migrate to SIP trunking is financial, from the ability to connect different business locations or provide customers with low cost calls irrespective of international location. In addition, SIP is scalable, supporting business peaks and troughs, and it facilitates effective disaster recovery planning. But despite its benefits, SIP trunking is inherently vulnerable. And for the channel, the cost of making SIP trunking secure has, to date, presented a sales inhibitor that has sat at odds with the financial benefits of VoIP.

At a typical cost of £1,000, the traditional SIP security solution – the hardware based Session Border Controller (SBC) - has undoubtedly undermined the entire SIP trunking sale. What would have been a straightforward Opex deal with a 12 month ROI now demands Capex sign off and the ROI is pushed out significantly. Add in the additional sales knowledge and expertise plus the engineering experience required for the hardware implementation, it hardly becomes a wonder that most resellers, VoIP and UC suppliers and vendors have put security on the ‘too difficult’ pile.

Secure Solution Bundle

Fortunately, in the last 12 months, the SIP security landscape has fundamentally changed. The latest generation of cloud based, freemium voice firewall products can be downloaded and deployed within minutes, securing the voice network without impacting the cost benefits of SIP trunking.

For SIP trunk providers it offers the ability to provide the customer with a viable and easy to deploy ‘virtual’ SBC solution, aligning with the ‘per channel, per month’ cost model typically used. Moreover, the provider can also increase their value offering without risk of damaging the overall ROI.

For resellers, it becomes a simple option to bundle security into a complete package for a fixed monthly fee per channel. There is no additional hardware to be installed on site and the customer’s own IT department can setup and manage it within its existing network environment. And while there is, of course, a small incremental increase in monthly cost per channel that extends the ROI by a few months, the ability to gain market differentiation by addressing SIP security up front should offer more than enough compensation.

Building a long-term SIP Security Strategy

This cloud-based approach also offers vendors and resellers alike a significant additional benefit, above and beyond the initial SIP sale. It empowers a completely different way of thinking about security, one that delivers a long-term customer solution and commercial differentiation.

The deploy once, update many times model adopted by AV, web security and email security over the past two decades is well established and organisations recognise the clear vulnerabilities associated with failing to update routinely. Companies understand the importance of buying not just a security product, but a vendor’s continuous research into emerging threats and a commitment not only to routine updates but also emergency patches in response to new hacking vulnerabilities. In effect, when it comes to a continuously changing security situation, organisations recognise the need to buy products and solutions that utilise research, existing users and community to stay ahead of the hacker.

Cloud-based SBCs enable the application of this well-established approach to the VoIP & SIP trunking market, empowering vendors and resellers to pass the benefits of continuous investment in security research and routine updates on to the end customer, and deliver a reactive, real time and intelligent level of security to protect against these new world threats.

Conclusion

Despite its increasing cost benefit appeal, VoIP is vulnerable, and organisations are increasingly waking up to the security risks. With 84 percent of UK businesses considered to be unsafe from hacking according to NEC, these implications are significant and extend far beyond the obvious financial costs of huge phone bills, data breaches from voicemail hacking or the increasingly common Telephone Denial of Service threats.

Static fit-and-forget security is also not an option due to this ever-evolving threat landscape.

For vendors and resellers alike, actively raising the issue of security is therefore an opportunity to increase revenue, gain competitive advantage and build long-term customer engagement.

Paul German is CEO, VoipSec

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022
Malwarebytes hires new channel chief to lead MSP and partner network
Managed service provider (MSP)

Malwarebytes hires new channel chief to lead MSP and partner network

18 May 2022
Palo Alto and Deloitte to deliver managed security services in the US
Managed service provider (MSP)

Palo Alto and Deloitte to deliver managed security services in the US

17 May 2022
US and EU thrash out plans to avert chip production “subsidy race”
Hardware

US and EU thrash out plans to avert chip production “subsidy race”

17 May 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022