top of page

VoIP security checklist

Our VoIP security checklist is to show you the options to stay safe with your VoIP services because there is no insurance against phreaking. Maybe not all actions apply to your company. Phreaking is a popular way to get your money for hackers. They try to connect you to premium numbers, which cost you money to call.

BPX Checklist

  1. Block voicemail trunk to trunk transfers 

  2. Block/PIN access on international calls

  3. No voicemail passwords as default

  4. Change development & service level passwords on the system from default

  5. Block premium numbers (number starting 09, 14109, 128009)

  6. Block directory enquiry services (numbers starting 118, 141118, 1280118)

  7. Block speaking clock (123, 141123, 1280123)

  8. Block outbound/international outbound calls when in night service (still allow 999 and 112)

  9. Session Border Controller for all IP voice phone systems

Trunk Line Checklist

  1. Call spend threshold: outbound calls blocked when a monthly spend threshold is reached

  2. Near threshold alert: email announcement when a percentage of threshold is reached

  3. Block international call barring: where not required by the business

  4. Fraud Ensurance: a small fee per trunk line per month to prevent fraud

  5. Account contact verification: only authorised employees can request trunk line actions

  6. Variance checking: comparing the current period of billing against the previous period

Cyber Checklist

  1. Voice network firewall: prevent the rerouting of calls even if the system or voicemail is compromised

  2. Data network firewall: prevent unauthorized access to the data network

  3. Cyber Essentials: Government-supported scheme setting out recommended standards 

  4. Pen test: network/system survey to identify possible vulnerabilities

bottom of page