Is VoIP Safe From Surveillance Systems?

Guest Author: This week’s blog post was provided to us by Tanya Williams, a freelance writer and blogger. She has been working with telecom companies for over 20 years, writing about new technologies and how businesses and business owners can take advantage of them. Her topics included IP based communications technologies, cloud computing, website development, and many more.

CellPhoneIntercept

Recently, there has been serious objections about government agents’ and other agencies’ spying on private calls, leaving many users are worried about their privacy. There are some doubts on whether VoIP is strong enough to guard against such eavesdropping and phone tapping. However, as technology VoIP tends to provide better security than its pervious systems. Landline communications were easily traceable, while VoIP runs protocols to safeguard information.

Safety with VoIP

Hackers know how to attack Internet-based devices and services, such as VoIP, allowing them to easily get hold of customer account data, records of conversations and voicemails. Additionally, if a user’s account details are compromised, that information can be used to charge third party services. However, it requires a high level of skill and technical knowledge in order to that.

VoIP has its own safety measures, which pose a challenge to such hackers or surveillance agents. All the traffic is routed through a firewall and network address translators (NAT). Utilizing a firewall is one of the most commonly used safety systems for protecting a device from Internet-based attacks. Translators help in interconnecting networks and creating a safe communication system. Services like Skype use proprietary protocols for protection by routing calls through other skype peers on the network. This enables it to traverse symmetric NATs and firewalls.

Encryption is one of the most powerful tools in protecting digital information, but VoIP is not using it currently. Due to this, it gets easier for spies to eavesdrop on voice calls that are made on a data network. There are solutions like Wireshirk, which help in doing that. Protocols like secure real-time transport protocols (SRTP) and ZRTP are used for securing VoIP. IPsec also help in securing point to point VoIP by encrypting all traffic.

Why is VoIP more secure than previous systems?

As we know, traditional phone systems were based on analog signals, which cannot be encrypted. VoIP uses data signals, which are digital, and can be easily encrypted for protection. When the signal is sent, the receiving device can then decrypt the packets easily as they get the respective decryption key. This decryption process is necessary if real information is required. In process transmission if this signal is traced, the hacker would have to decrypt it based the decryption key, which is possible only with the device for which signal was intended.

Privacy

It is hard to tell whether our conversations will remain private or not because powerful authorities, such as the government, might implement laws that could give them the power to do surveillance. In the USA, the FBI recently announced its plan to expand Communication Assistance for Law Enforcement Act (CALEA) in order to bring Internet calling, such as VoIP, under this law. This law gives them power to intercept calls. If the plan is passed, then providers will have to make the tracing easier for them, which would compromise the privacy of the user.

However, despite the possibility that VoIP may fall under CALEA, several hospitals, military organizations, and large corporations have adopted VoIP. If we see figures, almost one third of businesses in world today use VoIP. When compared with other communication systems, VoIP is still the best possible option because of it’s low cost and higher level of security when compared to traditional systems.

Infographic: Fun Facts About the Internet of Things

The number of connected devices is steadily increasing, fuelling the continued growth of the Internet of Things (IoT). To help demonstrate the impact IoT will have, we’ve created an infographic containing six fun facts about the technology.

6 Fun Facts IoT

For businesses that haven’t adopted IoT yet, it’s time to start thinking about what your competitors could do if they embraced IoT solutions faster than your company? Or consider what new business ventures can be created through the use of IoT. This technology has the potential to change the way companies communicate with their customers, and the way customers interact with their devices. If you haven’t started exploring IoT – now is the time (like, right now).

Don’t know where to start? Click here to learn more about Internet of Things.

Blog Author: Vanessa Hartung

5 Tips on Protecting Your Business from a DDoS Attack

ddos-attack1

An escalating number of businesses are falling victim to distributed denial of service, or DDoS, attacks. Compared to this period last year, there has been an 47% increase in the total number of DDoS strikes. The companies that take advantage of their attack experience by learning from it and educating their employees on cyber security go a long way. Getting hit by a DDoS attack can help uncover some vulnerabilities or mistakes that your IT department may not have previously been aware of. Combining your experiences with these 5 tips on protecting your business from a DDoS attack is the best way to help prevent future incidents.

  1. Conduct an Assessment: Review your company’s current state of network security – whether you’ve experienced problems in the past or not. This will give you a sense of where your weak points are and allow you to reinforce them.
  2. Know your Network: Reducing the cost and impact of an attack starts with early detection. The better you know your network, the easier it is for you to identify a problem. Having an understanding of the strengths and weaknesses of each network component will also give you a better understanding of what kind of assaults you can protect yourself from (such as a small attack originating from a single IP address) and if you need to outsource to help fill any security holes.
  3. Implement General Rules to Help Mitigate Attacks: Some general rules to help defend against a DDoS attack include turning down all unnecessary ports and protocols, implement an IP blacklist, block invalid and malformed packets, and configure and harden network equipment.
  4. Communicate with your ISP: In some instances, an attack can be so big that it completely saturates your bandwidth, making any other preventative tactics ineffective. Be sure to learn the procedures for getting your ISP to intervene if necessary. Work with your ISP to plan and practice for any possible large-scale attacks, and be sure to examine your Service Level Agreement (SLA) to learn your ISP’s options for defending against DDoS assaults.
  5. Create an Action Plan: In the unfortunate even that your company suffers an attack, having an action plan in place can help you stay in control – because once an attack is occurring, it’s too late to decide what action to take and how to respond. Be sure to structure your plan by severity level, since your responder actions will vary depending on the impact of the attack.

DDoS attacks can happen to any business at any moment. It’s naive to think that your website is too small to attract the attention of hackers, especially since DDoS is a relatively easy attack to perform. Reducing the cost of an attack starts with preparation and early detection.

Click here to learn more about how to protect your company from cyber attacks.

Blog Author: Vanessa Hartung

5 Tips for Establishing a Data Center Disaster Recovery Plan

As businesses continue to utilize Internet technologies, data has become central to operations and productivity. Companies have a variety of data that they must manage and protect, such as employee information, customer details, policies and procedures, and so on. In many cases, companies use data centers to store their information. However, it’s important to establish a data center disaster recovery plan to ensure your business critical items are protected. Not sure where to start creating your data center disaster recovery plan? Here are 5 tips to help you get started.

disaster_recovery-cloud-computing

  1. 24/7 Availability: Disaster recovery plans typically need to accommodate high availability requirements, so make sure your data center provides 24/7 assistance.
  2. Overcome Redundancy Limitations: If your company requires full data redundancy, the hardware costs may be more than what you’ve budgeted for – especially if you have multiple sites that need a redundant connection. Fortunately, there are options to help you overcome any budget limitations, such as virtual machine snapshots or thin provisioning.
  3. Be Sure to Manage your Disaster Recovery Spending: In addition to managing redundancy costs, it’s important to sync your disaster recovery plan with your budget. Relocating vast amounts of data offsite to a data center facility can be quite costly if your company doesn’t have the technology to support it. Some companies have found great success in utilizing their existing WAN set up to transfer the data over their Internet connection.
  4. Learn from Mistakes: Disaster is the name of the game, and sometimes even the best laid plans aren’t enough. Companies that are in the early stages of their disaster recovery planning have an opportunity to learn from the mistakes made by others.
  5. Create a Plan with IT Members: Having the right hardware and software in place isn’t the only aspect of a disaster recovery plan – you need to have an actual plan. It’s important for your IT staff to sit down and create a plan that works best for the needs and requirements of the company.

Haven’t found a data center to store your company’s information? Find the right facility for your business by clicking here.

Hybrid Clouds offer Traditional IT Departments Reassurance

Guest Author: This week’s blog was provided to us by Victor Brown – a technical writer and inbound marketer for Cirrus Hosting – a leading Canadian hosting company. Follow Victor and Cirrus on Twitter @CirrusTechLtd, like them on Facebook, and check out their blog on hosting http://www.cirrushosting.com/web-hosting-blog/

hybrid-cloud

While much of the focus is on the public cloud, hybrid clouds combine the best parts of the public cloud and in-house or collocated infrastructure deployments.

When we think about the cloud, it’s mostly the public cloud that grabs our attention. That’s understandable: the public cloud has instigated a revolution in the way companies of all sizes think about IT infrastructure deployment. But there are plenty of cloud naysayers, who tend to fall into three broad categories: traditional IT folks accustomed to complete control over the infrastructure layer; pro-cloud analysts with a genuine interest in exposing the potential weaknesses of the public cloud in order to encourage iteration and improvement; and those within companies who have a vested interest in maintaining the status quo.

Not much will change the minds of the latter group other than a gradual turnover of entrenched influencers, but many in the other two group, who have legitimate — although frequently misguided — concerns about the public cloud can find comfort in the private cloud, especially when coupled with public cloud platforms in a hybrid or multi-cloud environment.

It would be irresponsible for IT decision-makers to ignore the potential business and technical benefits of public cloud platforms. Never before have companies had access to such flexible, scalable, and inexpensive compute and storage power. As I said, it changes the way that businesses think about IT deployments, and, in an age where IT is so central to business success, it changes the way that they are able to do business. That said, no tool offers a universal solution — including the public cloud.

The solution is not to think “Public cloud or traditional in-house infrastructure,” but rather, “public cloud plus private cloud”. Private cloud environments are those that have the same flexible virtual hardware layer as public cloud platforms but in which the underlying physical hardware is dedicated to the use of one organization, rather than being shared between many different organizations in ways that are not transparent to clients.

Private clouds offer answers to many of the security and privacy concerns of IT people, as well as allowing them the measure of ownership over deployment, availability, and technical management they feel they need to be properly accountable for the infrastructure’s performance.

At the same time, private clouds have some of the negative qualities of traditional in-house deployments: CAPEX is high compared to public cloud platforms, and while the virtualized layer is just as flexible as the public cloud, dedicated hardware doesn’t offer the same flexibility of pricing or ease of scaling, both up and down.

Hybrid clouds offer a “best of both worlds” scenario, in which the benefits of the private cloud I’ve mentioned can be augmented by the benefits of public clouds. Workloads can be apportioned between the two modalities as suits the specific needs of a business. Cloud technology should not be dismissed out of hand because of perceived risks of public cloud use, rather hybrid clouds that offer the combined advantage of both public and private should be at the forefront of IT strategy.

Infographic: Cyber Crime 2013 – The Year of the Mega Breach

The year 2013 yielded record breaking data breaches and cyber crime numbers in the business community. Upon reviewing multiple reports generated by industry heavy hitters, like IBM and Symantec, we’ve created an infographic of some of their key findings.

Cyber Crime 2013

 

Business will need to take an active role in securing their company and customer data in 2014. Poor protective measures are putting an increasing number of companies at risk and the potential implications of losing data is huge. Educating staff, improving malware solutions, and routinely backing up your data are some of the steps your company can take towards increasing security and preventing loss.

Blog/Infographic Author: Vanessa Hartung

 

The Pros and Cons of Hosting Your Website

Guest Author: This week’s blog was provided by Nina Hiatt, a freelance writer who researches and creates articles on a variety of topics – including news and technology. You can learn more by visiting her Google+ profile by clicking here.

how-to-change-web-hosting

Sorting through all the available web hosting services takes time and presents an overwhelming number of options. Wouldn’t it just be easier (and cheaper) to host the site yourself? Here are some pros and cons to help your company decide:

Pros:

Hardware Control. The biggest benefit of hosting your website in house is that you have complete controlover the entire process. You control the hardware specifications, which means you can utilize hardware combinations that datacenters may not offer.

Web hosting providers usually have different sizes and speeds of processors, memory, storage, and bandwidth. Usually when you want more storage, you have to pay for a faster processor and more bandwidth as well.

However, certain websites may benefit from having large memory and a slower processor, or a fast processor and little storage. If you are hosting your own site, you can make decisions as to how fast, slow, big, or small your equipment is. Your company can also save money by not paying for services you don’t need for your site.

Money Savings. Any time you decide to provide a service on your own, you will be saving money. There’s no need to stress over paying bills or worrying about what products you have access to with your subscription package.

Software Control. Self-hosting a site also gives you control over the software you use and what features you put on your company website. If you use a free hosting service, like WordPress or BlogSpot, you may not have access to all the features you’d like your website to have. Even a paid hosting service may not offer what you are looking for, like chat capabilities or ecommerce.

Making Changes. Any changes, updates, or modifications can be made quickly and easily. You don’t have to go through a technical staff. If you make any changes you don’t like, you can immediately reset everything to its original state.

Instant Satisfaction. If you want to make changes to your server or your site, you can make the changes instantly. There is no waiting period between communicating your desires to the web hosting company, and seeing the changes on your site.

Cons:

Complete Responsibility. Along with complete control comes complete responsibility. You’re company can decide what hardware to use, but you have to actually know how to use it. If anything breaks down, it is up to you to figure out the problem and find a solution.

24/7 Duty. You are also responsible for monitoring your site at all times. If your server goes down, nobody is going to alert you that there is an issue. You not only have to fix all issues, but you have to be able to detect them as well.

Web Providers. Another potential roadblock you may run in to with web hosting is that many web providers don’t allow their users to host their own. Some of them explicitly forbid it in their contracts or they block the ports needed for hosting. Still others may dramatically increase their prices for any subscribers who want to run a server.

Even if your broadband connection does allow you to connect your own server, it probably won’t be as quick or as reliable as you will need for your site. Any downtime your web provider experiences will affect your server and your site.

Heat and Noise. Housing all the necessary hardware for a website server means you will have some loud equipment in your office. Servers generate a lot of heat, and the sound of the fans mixed with the sound of the processor will create a constant hum. The more traffic your site gets, the harder your server will have to work, and the hotter it will be. You may have to use additional cooling devices in the room where you house all of the equipment.

Takes more Time. . Letting someone host your site for you—called “managed cloud hosting” or “managed web hosting,” depending on which you choose—means that you don’t have to spend time worrying about or fixing any issues that come up. You can just sit back and work on the content of your site. When you host your own site, you will have less time to spend on the site itself.

Some Final Words of Advice

If you decide to host your site on your own, make sure you have all the technical knowledge you will need to manage the hardware and software. If you opt for managed web hosting, shop around and find the service provider that will best meet your needs. Hosting companies will usually show a comparison of their different packages. You can see examples of different packages on sites like VI.net, or you can read articles on sites like lifehacker.com that talk about the top web hosting companies and what they offer.

 

Follow

Get every new post delivered to your Inbox.

Join 111 other followers

%d bloggers like this: