There has always been a debate about whether hosted VoIP systems are better or on-site systems, and the bottom line on the overall debate is that it really depends on the specific requirements of the enterprise installing VoIP, and network security factors into this equation.
There isn’t much doubt that it’s a lot easier in terms of setup and maintenance to have a hosted VoIP system. In this configuration, you simply don’t have to invest a ton of money on hardware or on technical personnel to maintain the system. It’s also very easy to simply change providers if it ever happens that your current provider falls behind the times, and is no longer adequate for your company needs.
While it does represent a much greater financial investment, having a VoIP system on the premises may be a better investment for the long run. The problem with this is that many companies simply don’t have the resources for that major financial investment, and are simply unable to take advantage of the long-term benefit. If finances were not part of the debate, however, and the issue focused solely on security, which would be a better investment for your company?
From the Standpoint of Network Security
When the debate comes up about whether a hosted or an on-site solution is better for your company, security is not usually one of the primary considerations. While this is understandable, given the fact that there are other important elements to consider, e.g. technical support, maintenance, costs, staffing, etc., there’s no doubt that security should take its rightful place among these other considerations. Many companies have discovered to their regret that security is one of the most important issues that should be taken into account when implementing any kind of network which touches the Internet.
In the on-site setup, all the hardware and software needed to implement a VoIP system resides right on the company premises, and from there it is fully configured and controlled. All maintenance, troubleshooting, and security issues must be dealt with by staff personnel. Larger corporations and those which are subject to tight regulatory issues such as insurance companies are banking organizations, generally, find this very appealing.
It sometimes comes as a surprise to companies which implement their own systems just how extensive security needs can become. If security is not given a great deal of attention before implementing an on-site VoIP system, costs can quickly soar, when it becomes necessary to bring in outside expertise to manage security.
Since VoIP calls travel over the Internet, there is at least the potential for having them intercepted by hackers, and your business itself can be exposed to the possibility of having client data or important passwords were stolen, as well as a whole host of other potential problems. Your company phones themselves can even provide a convenient entry point for a clever hacker to breach the company network and cause all kinds of problems.
To avoid all this, a company would either need to have highly skilled and competent security professionals on-site or would have to arrange for consulting experts to be brought in.
As can be seen from the above, there are some significant concerns with on-site VoIP from a network security standpoint. Most of those issues fade away when your business outsources the management of your VoIP system to a hosting provider. Businesses which are in the small to medium-sized category usually find this very appealing, because they simply don’t have the resources to manage all that on their own. It can be very comforting to simply pay a monthly fee, and be secure in the knowledge that most of those potential security problems are being handled for you.
However, even though much of the burden has been relieved by a hosting provider, there are still some security issues which must be observed from the company standpoint. There’s always the potential for employees to become a security risk by opening malicious emails, by being careless with company information on social media, and by failing to observe good security practices with passwords and other company data.
It will also be necessary to have at least some good security practices on-site, to safeguard calls during the time they pass through the company network. All endpoints which touch the Internet must be made secure, and the local network itself must have adequate security protection, so as to avoid presenting a weak link to hackers.
Which is Better?
The bottom line on the security debate is that for most smaller and medium-sized companies, it’s better to have security, along with all other aspects of your VoIP system, managed by a highly reputable provider. For larger corporations which have the in-house expertise to manage their own security, on-site VoIP can be better.
However, it’s worth noting that either setup can still be prone to data breaches by a really determined hacker, which means it’s necessary to have employees well trained about network security issues, so they don’t provide an opening for network penetration. In terms of a general approach to security, the most successful implementations generally make use of several layers of security, so that if a hacker penetrates an initial defense, there are secondary defenses in place to deter the threat.