News ranked Nextiva as the #1 business phone system for two years in a row. More than 80,000 companies use Nextiva (including Netflix, Amazon, and Pac-12) because of its advanced features. It’s a complete all-in-one solution to manage every aspect of your business communication, from voice calls through to team chat and CRM integration. Designed with remote workers in mind, Nextiva is more than just a VoIP system. Nextiva is a cloud-based business phone system for companies of all sizes. We dug into the features, pricing, and reliability of competitors to compare the top 10 OnSIP alternatives: If you’ve decided OnSIP isn’t the business phone for you, no worries.
It’s a simple service for going remote, but for businesses who require a more robust VoIP system with features like built-in CRM, integrations, and Unified Communications, you may need to explore alternatives. It’s a hosted VoIP solution centered around making remote work easier. OnSIP may be one of the solutions high on your list. Now that you’ve read this you know better, and you will ensure that your phones are trustworthy.It’s difficult to find out if a Voice over IP service is good for your business as there are dozens of options to choose from. So, let’s just agree to never leave the default admin credentials in place on any device…ever! Using their provisioning server implies that your phone register with them exclusively, which may not suit your situation. That makes it super simple to lock down your phones. For example, if you use OnSIP, as I do, and point your phones at their provisioning server, they will force the phones to take up complex new login credentials. Smart shoppers give some thought to device deployment, or select a service provider who handles this for them. It is true that the continued growth of hosted SIP services has delivered an expanding fleet of SIP phones into the hands of the otherwise unsuspecting. Heck, Polycom’s VVX phones now default to using encrypted web access to the web interface. That is to say, they nag a lot where they were previously silent on the matter. In my own recent experience with newer Polycom and Grandstream devices I have found that the companies are making more of an effort to alert users to change the default credentials, both in the web interface and on the face of the device. Even so, you need to ensure that they do. If you’re ceding responsibility to a reseller or service provider then they should take care of business. That is to say, if you are deploying these phones you should give this stuff some consideration. Myself, I am more of the “ you bought it, you own it” school of thought.
I recall a discussion of such things on Dan York’s old Blue Box Podcast on VoIP Security. Such concerns are not new, they’ve been around as long as IP phones themselves. They claim that the phone warns the user about such things, but doesn’t MAKE them change the default login, for example. Moore and associates chide companies for not forcing users to take even basic precautions to lock down the device at the point of deployment. It’s the failure to restrict access to the admin functions via the network that leaves the back door swinging wide open. The key seems to be ensuring that when the phone is deployed the administrative access is sensibly locked down. Now, this isn’t nearly as bad as it seems, even for snom. He could basically express his creativity. He could put the phone into speakerphone mode, sending silence so as not to disturb the user, then listen to what was happening nearby. He could answer calls, even before the phone rang, then transfer the call elsewhere. Thereafter he’d just leave the phone on a long running call without the user ever becoming aware that it was busy. Further, he could setup routing to send all calls via a premium service that paid him for every minute of connect time. Then he used that control to do various nefarious things.įor example, he could place calls. He found that with the default admin credentials in place he could penetrate the phone, achieving broad control of the device. This claim stems from Paul Moore, a security consultant, hacking a snom 320 IP phone. I’m not worried simply because my IP phones don’t suffer the particular vulnerability in question. I do agree that YOUR IP phone(s) might be a candidate target for such an exploit. This somewhat frightful claim has been reverberating around the inter-web the past few days.
0 kommentar(er)
