Avoxi: Is a Cloud PBX or On-Premise More Secure?

The growing number of cyber-attacks targeting businesses across the globe is landing IT leaders in the hot seat, forcing them to rethink and restructure their security strategy.

Geo-political climates, macroeconomic trends and poor cybersecurity posture have created the perfect playgrounds for hackers. With organizations victimized in every size and industry, it’s easy to see why they’re growing concerned over their data and infrastructure.

Navigating these turbulences has proven tough on businesses. And with the looming threat of system breaches, protecting their stack is vital for continuing effective inbound and outbound communications.

If you’re re-evaluating your communications, but have had some concerns about the security surrounding a cloud PBX or an on-premise, then read on.

Cloud PBX Security Concerns

There are security concerns around cloud-native applications, such as a hosted PBX, since everything is based over the web. When technology advances, so do the hackers’ motivation to exploit the system.

Some of the most common concerns among IT leaders are:

1. Telecom fraud

With telecommunications fraud up nearly 28% since 2019, businesses risk financial loss and a hit to customer satisfaction.

Unlawful access to your organization can have a significant effect on the trust your customers place in your business. Say your phone lines were hijacked and resulted in the suspension of your inbound and outbound call traffic, your customers would (rightfully) be upset.

2. No visibility

There’s apprehension around call quality and traffic visibility for cloud migration. Without the infrastructure on-site, IT leaders may feel they have no control and accessibility to their data which could jeopardize their corporate compliance, security and governance processes.

3. Disruption to business

You may feel concerned about how your staff responds to new technology. Some team members may see the move as a disruption without truly knowing its benefits. They may also be worried about its complexity, setup and time-to-proficiency in learning a new system.

On-Prem PBX Security Concerns

The reliability of hardware infrastructure is a major concern for growing businesses and their IT staff. The security level of an on-premise PBX system is a curious one to IT leaders, including:

1. Recovery

business continuity plan is crucial for ongoing operations if an attack or disaster causes your PBX to fail. On-premise phone systems are known as “single points of failure” meaning when it goes down, calls can’t be carried out and you experience more downtime.

On-prem PBXs lack geo-based contingency plans because of the stationary infrastructure. And when part of the business goes dark, it can take days to weeks to resume service especially if a bad actor dealt the blow. If the vendor is nearing the end-of-life (EOL) product stage, users will no longer receive the updates required to continue using the system.

2. Scalability

Just as hackers get savvier, cybersecurity detection and defense tools should too. On-premise systems are limited in scalability – and on the slight chance you can expand functionality and phone lines, the cost can be exorbitant.

3. Manual Optimization

You must constantly optimize your on-premise PBX to maintain security. Your team is responsible for making that happen over the course of its lifetime to ensure the phone system’s integrity. The more optimizing you have to do, the more resources you have to allocate from your budget to keep up with maintenance.

Cloud Communications Software is Serving Network Security Well

You might be thinking it’s either this or that for your communications solution. But, you can have both. An integrated CPaaS software provider does the work for you to ensure your network is sound and reliable. A cloud communications solution can enhance your phone system independently or via SIP trunk to your existing infrastructure.

With a robust all-in-one application, IT leaders can proactively manage and defend against telecom fraud activity, remain in operation, and quickly adapt their services when the time is right. This technology helps alleviate the burdens of manual and time-consuming updates generally required of IT and security teams.

Software companies like AVOXI were purpose-built to elevate your communications strategy and provide reliable voice, messaging and contact center services. We aim to protect your infrastructure and mitigate fraud activities. Watch our webinar to learn the tools to safeguard your business and reduce security gaps.

  1. Spam calls to your PBX

A fraudster has discovered a free number that lands on your PBX. Unfortunately, the IVR is often poorly built (misconfigured) and doesn’t end the call after 3 failed attempts. 

Fraudsters do this to map your PBX and discover applications like DISA, callback, voicemail callback, etc., that they can later exploit to interconnect calls to premium destinations. 

Prevention tip: Mitigate spam calls to your PBX by…

  1. Building intelligent IVRs that terminate outsiders’ failed attempts into essential applications. 
  2. Creating strong passwords for your voicemail user accounts.
  3. Checking your CDRs to identify correlations from source PBX numbers.
  4. Blocking all source numbers from identified spammers. 

2. Spam calls to your team member

Fraudsters do this to identify the working hours of your company and staff so they can exploit vulnerabilities or attack your PBX without the supervision or observance of anyone on your work team. 

Prevention tip: It’s important to provide consistent internal security awareness training to educate your staff on what to look out for and report suspicious activity. 

Oftentimes the fraudsters use social engineering attacks (vishing) to manipulate employees to divulge information. The phisher makes phone calls to the user and asks the user to dial a number. This is to bypass a call, gain privileged access to another application or make a bigger attack elsewhere. 

3. Spam calls directly to your devices

Fraudsters can recognize that you use a device already out of its useful life, or with old firmware (software) with some vulnerabilities. They recognize this equipment through Open Source intelligence search engines like Shodan

Once the target country and device version are searched, the attacker can identify from which IP address you’re connected to. Their next action would be to send you the spam (test calls) to try to exploit your device, bypassing calls to premium destinations. 

Prevention tip: You can easily reduce or avoid spam calls to your devices by…

  1. Removing EOL devices from your network. The lifespan of most devices on the market is set to 5 years. 
  2. Keep a strict watch on the communications from your hardware providers. (i.e. security and productivity improvements and bug-fix announcements)
  3. Use a personal password on your device. Never use factory default settings and change your passwords every 6 months. 
  4. Separate your telephony network from the data network.

Sourced from: Avoxi. View the original article here.

Sign up as a reseller for Fibre and Wireless Connectivity, VoIP/UCaaS and more

In addition to bringing the best news together, we have access to an extensive supplier network that makes it easy for any telecoms company looking to tap into new markets or enter the telecoms industry. Take advantage of our expertise and contact us today to line you up with the best supplier partner for your business.

Cloud PBX Solutions

Request Once, Get Multiple Quotes - Save Thousands!