Cybersecurity 101 for Communications Services

Mark Speer

Crafting a Robust Digital Fortress

In an era driven by digital communications and voice and messaging advancements, securing our online spaces has become a top priority. As owners and guardians of communications entry points to the carrier networks, it is our prerogative and responsibility to maintain a strong bulwark against potential cyber threats that could lead to the transmission of malicious phone calls or text messages by bad actors who breach our cybersecurity.

It’s paramount that we and our entire employee base (view my tips) stay updated, informed, and proactive in our cybersecurity measures—and it grows from the ground up. There are numerous good core habits that are critical to securing our personal and work devices, and overflow into our professional responsibilities when we work in a technical field like online communications. And although many would define them as “basic,” they continue to evolve along with the threats.

By adopting a comprehensive, well-defined strategy encompassing these practices, we can ensure our safety and foster trust by the carriers and vendors we rely on to keep communications flowing and avoid costly disconnects, fines, and existential risks to our businesses.

The following holistic guide delves deeper into a few of these important cybersecurity measures:

Redefine Password Paradigms

Gone are the days of ‘Password123.’ Think about them as keys; you wouldn’t have the same key for your house, car, and locker. The National Institute for Standards and Technology (NIST) sets a gold standard, urging users to employ lengthy and unique passwords or passphrases. Follow their example and diversify your passwords. Leveraging password managers like Bitwarden, LastPass or numerous others can streamline this process, generating and retaining distinct, formidable passwords for each digital door you need to unlock.

A Multi-Layered Shield to Amplify Login Protocols

It’s not just about passwords anymore. The new age demands a multi-layered approach. Embrace Multi-Factor Authentication (MFA). It’s more than a mere password; it’s a symphony of security layers that ensures only verified users gain access. Whether it’s through a secure token, a dynamic code sent to your mobile device, or an authenticator app, this tiered defense mechanism is your first line of protection. Offer as many of these as technically possible, but insist that all users employ at least one beyond simple passwords.

Elevate Your Connection Defense

The devices you use—be it your laptop, smartphone, or tablet—demand top-notch security firmware. Regularly update your OS, browsers, and security software to shield against the latest malware and virus threats. Turn on auto-updates wherever available, and bolster this shield with reputable antivirus software such as Norton, MacAfee, or Bitdefender.

In addition, Distributed Denial-of-Service (DDoS) attacks have metamorphosed into a colossal challenge for businesses across the spectrum. From multinational corporations to communications platforms and services of all shapes and sizes, the digital age has ushered in not just opportunities but also vulnerabilities. DDoS attacks epitomize this dark underbelly, relentlessly pursuing gaps in a company’s cyber defenses. At its core, DDoS attacks are orchestrated by cyber adversaries seeking to inundate a network or website with an excessive volume of traffic. This surfeit of requests can incapacitate the system, denying legitimate users access. The repercussions aren’t merely short-lived downtimes. It can erode customer confidence, obscure more sinister intrusions, and lead to significant financial setbacks. Read more about DDoS protection in my recent post.

Navigate Digital Waters with Caution

Phishing has become an art for many cyber criminals. A seemingly genuine email can be a ruse, bait just waiting for you to bite. Stay vigilant. If an email appears unfamiliar or prompts undue urgency, steer clear. Engage with such emails with the utmost discretion—avoid clicking on embedded links or downloading attachments. Although errors like typos or a gmail address used to be a dead giveaway, the criminals are typically too sophisticated these days for such obvious hints. Worried that your credit card company is in fact urgently asking you to respond? Google the corporate website or phone number and contact them directly; don’t use any information from the email.

Social Media: Tread Lightly, Tread Safely

The allure of social media is undeniable. It’s simply the best way to stay in touch with all our friends and family in an increasingly scattered world. Yet, every post, every share adds to our digital footprint. Exercise restraint. Limit the personal information you share. Those vacation photos or your favorite coffee joint details? They might just be the breadcrumbs cybercriminals need. Prioritize privacy settings, restricting who views your information. Turn off location-based services unless absolutely necessary.

App Management: The Need of the Hour

In today’s app-centric world, our devices are often cluttered with numerous apps, many of which might be overstepping their boundaries. Periodically audit your apps. Check their permissions. If an app requests more access than it requires for its function, that’s a red flag. Practice the “rule of least privilege”—if you don’t need it, remove it. (Yes, the frequent shopper membership requires you to have the app, but when’s the last time you shopped there?!) Also, ensure all app downloads come from reputable and trusted sources.

Secure Connectivity in Public Domains

Public Wi-Fi can often be a double-edged sword. While it offers convenience, it can be a potential goldmine for hackers. When connecting, verify the network’s authenticity. Once connected, abstain from sensitive activities that demand passwords or personal details. For an added layer of protection, stick to sites with “https://” prefixes when dealing with financial transactions or online shopping.

– – – – –

To reiterate, as the owners and guardians of communications entry points to the carrier networks, it’s critical that not just our tech team but also our entire employee base stay updated, informed, and proactive in our cybersecurity measures—from the way we login to our laptops in the morning to the way we build a fortress around our entire network.

Avoid costly disconnects, fines, and risks to your company’s continued existence. By adopting a comprehensive strategy that encompasses all of these best practices, we can ensure the safety of our business, and foster trust by the carriers and vendors we rely on to keep communications flowing.

Essential Guide for Cloud Communications Compliance & Cybersecurity:

Download the full eBook


Part 1: Compliant Calling in the Cloud – Call Compliance, STIR/SHAKEN | Dialing Strategies | Dealing with SPAM Labels

Part 2: Text Messaging Compliance – Getting Started with Messaging Campaigns | Different Messaging Types, Compliance | Long Code Compliance Checklist | 7 Traits of a Good Provider

Part 3: Securing Your Voice & Messaging Business – Empowering Your Team | The Human Element | Cybersecurity 101 | Know Your Customer! | The Robocall Mitigation Database | Toll Fraud

Date posted: September 13, 2023

Topic: CPaaS   Messaging   Software as a Service (SaaS)   Voice  

Tags: cloud security   cyberattack   cybersecurity   ddos   platform   Security  

Mark Speer

As VP of Product Management & Carrier Relations, Mark ensures that thinQ’s products deliver maximum value and efficiency across a wide variety of implementations. When he’s not working with our carriers to make sure calls complete, he enjoys classic cars, traveling, artwork and exploring the desert southwest. He also enjoys spending time with his wife and family in Tucson, Arizona where they reside.

Recent posts from Mark Speer

Get the latest from Commio

We’ll send you one email a month featuring our latest blog content.