Securing your data and VoIP phone calls

It is surprisingly easy for people to read your e-mails, passwords and documents, and even to listen in on media such as VoIP phone calls, over unsecured or even moderately secured WiFi connections.  Programs that do this are freely available for download, even to amateurs.

Professionals (identity thieves, corporate espionage agents, governments and so on) can do this with their eyes closed.  US government VoIP wiretap regulations (which require VoIP service providers to make it easy for the government to listen in) have increased in scope and have the potential to make it easier not only for the government to listen in, but also for malicious actors.  But you can easily take some steps to protect the privacy of your data and VoIP phone calls from a wide variety of threats.

Virtual Private Networking Services

Virtual Private Networking works on the idea of “tunneling” your data.  The basic idea is that your data is encrypted on your computer, sent across the public Internet, then decrypted at its destination.  In effect, the encryption encapsulates your data and sends it through a secure virtual tunnel, preventing malicious agents from gaining access to your data.  While they will still be able to see your Internet traffic, encryption will prevent them from being able to read the data.

What you should know about encryption and security in general is very simple. First, choose a difficult password. This should be relatively long and use alphanumeric characters, not words like “password” or the name of your pet. Second, the larger the “key,” the stronger the encryption. Generally, key sizes over 256 bits provide plenty of protection against snooping.

Now, back to Virtual Private Networks (VPNs). Whenever you send or receive unencrypted data over the Internet it can be intercepted by a third party and read. If you’re using a wireless network at home or in the office to access the Internet this danger is doubly serious. And if you’re using a wireless network somewhere in public – say, a coffee shop – then you’re really at risk. While wired networks require some form of “tapping” or hacking, wireless networks transmit your data across the airwaves for hundreds of feet, allowing a potential attacker to record your data undetectably.

VPNs change the equation. When you route your data through a secure VPN connection, it is encrypted between your computer and the VPN server.  There are a number of low-cost VPN service providers on the Internet. A VPN is a must for frequent travelers who access the Internet from many different hotspots on the road, as they are prime targets for malicious attacks.

But what about securing VoIP?

Using a hosted VPN service will only secure your data between your computer and the service provider’s. On the other end, it will be unencrypted again. While this is a good basic level of security, real security is when your data is encrypted all the way from start to finish. With VoIP, that means from your computer to the computer of the person you are talking to (these techniques don’t work with landlines). One way to mitigate this threat is to have your associate sign up with the same VPN provider, then use a peer-to-peer VoIP service like Skype. This does leave open the possibility that your data will be unencrypted at some point on or between the VPN service provider’s computers. However, this risk is negligible compared to the risk that will have been eliminated by this tactic.
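The tunneling and endpoint behaviour described above, modelled in Python as an added example (not part of the original article): an HMAC-SHA256 keystream stands in for a real VPN cipher, and the keys, addresses and SIP message are constructed. It shows that someone recording the WiFi link sees only the tunnel endpoints and the packet size, while the packet that leaves the VPN server is readable again.

```python
import hashlib
import hmac
import json
import os

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in stream cipher: HMAC-SHA256 in counter mode (illustration only)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encapsulate(inner: dict, enc_key: bytes, mac_key: bytes, client: str, vpn: str) -> dict:
    """Client side: encrypt the whole inner packet and wrap it in an outer packet."""
    plain = json.dumps(inner).encode()
    nonce = os.urandom(12)
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, len(plain))))
    tag = hmac.new(mac_key, nonce + cipher, hashlib.sha256).digest()
    return {"src": client, "dst": vpn, "nonce": nonce, "data": cipher, "tag": tag}

def decapsulate(outer: dict, enc_key: bytes, mac_key: bytes) -> dict:
    """VPN server side: verify, decrypt and recover the inner packet for forwarding."""
    expected = hmac.new(mac_key, outer["nonce"] + outer["data"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, outer["tag"]):
        raise ValueError("tunnel packet was modified in transit")
    stream = _keystream(enc_key, outer["nonce"], len(outer["data"]))
    return json.loads(bytes(a ^ b for a, b in zip(outer["data"], stream)))

def eavesdropper_view(packet: dict) -> dict:
    """What someone recording the link can read from a packet without the keys."""
    view = {"src": packet["src"], "dst": packet["dst"]}
    if "data" in packet:   # tunnel packet: only endpoints and size are visible
        view["size"] = len(packet["data"])
    else:                  # forwarded inner packet: the content is readable
        view["payload"] = packet["payload"]
    return view

# Constructed sample: random keys, documentation-range addresses, one VoIP signalling message.
ENC_KEY, MAC_KEY = os.urandom(32), os.urandom(32)
INNER = {"src": "192.0.2.10", "dst": "198.51.100.7", "payload": "INVITE sip:bob@example.com"}

if __name__ == "__main__":
    outer = encapsulate(INNER, ENC_KEY, MAC_KEY, "192.0.2.10", "203.0.113.5")
    print("on the WiFi link:", eavesdropper_view(outer))
    print("past the VPN server:", eavesdropper_view(decapsulate(outer, ENC_KEY, MAC_KEY)))
```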

Do It Yourself

Do it yourself options will take a bit of extra work, but can provide better security because you know that your traffic will never be unencrypted anywhere but inside your home or office network. You can either choose a hardware solution or a software solution.

Software:

The software solution is to install a VPN server, such as WinGate, on your home computer or office server. This works just like the hosted VPN services discussed above, except you’re actually running it yourself. Running your own VPN server has two primary advantages, however: first, it will allow you to securely access files on your home computer or office network, and second, you know that your data will always be encrypted on the public Internet. Thus, if both you and your associate log in to your VPN server to use IM or VoIP services, you won’t have to worry about your data being unencrypted at any stage.

Hardware:

Another way to encrypt your calls is to buy a router that provides VPN capabilities. The only difference here is that a piece of hardware, rather than software, is running the VPN service. Hardware solutions are good options for home users who do not have a dedicated computer server (perhaps your laptop is your only computer: in this case, you won’t have a computer at home to run the VPN service on).

In summary

The threats to your privacy and security are real, but largely manageable for very little time, trouble and cost. Please post any questions, suggestions, recommendations or corrections in the comments below.
