Customer account security is a shared responsibility between service provider and customers. Security is implemented via policies and governance practices (people), within the service development and operations processes (process), and the application and infrastructure layers (technology).
The customer account security responsibilities are shared between customers and service provider. Customers manage their account policies, user permissions, and login information. We manages service delivery, architects and designs security into the product, and ensures physical and environmental security of the service. We employs a multi-layered security model with security at the perimeter and at the service delivery layer, TLS on our web applications, top tier data centers, and customer controlled settings in the application interface.
In addition, we also have a full-time security and fraud prevention department with a security program that is based on industry best practices.
Checklist for protecting your VoIP service
• Set strong passwords and PINs for your extensions.
Tip: Use answers to security questions that are difficult to guess and don’t make use of public or easily guessable information.
• Implement VoIP encryption on your account.
• Disable international calling on your account if it is not needed.
• If international calling is needed, restrict international destinations to those needed for your company business.
• Place VoIP phones behind firewalls.
• Block unauthorized network access to the phones’ login consoles.
• Block numbers for unwanted callers.
• Limit the users to whom you give admin-level permission.
• Only use email message forwarding for non-sensitive messages.
• Retrieve sensitive messages via an encrypted web session.
• Intermittently change extension passwords and PIN codes.
• Periodically review service usage to ensure it complies with your policies and appropriate use for your organization