We just finished an audit for a new client and ran into this again, so I thought it might help to explain why using the data loop-through on your VoIP phone is generally a bad idea.
First, most VoIP phones are 10/100 networking devices. Many offices only have a single networking wall jack, so if you plug your gigabit computer network adapter into your phone and then the phone into the wall, you’ve just decreased your computer’s network throughput by a factor of 10. For networking performance, this is really like throwing out an anchor and returning your network to 1995 standards.
Second, having your VoIP phones on the same subnet (network address segment) as your computers can introduce a potentially very serious security problem. Here’s why. When purchasing or leasing a phone system, most companies also purchase an ongoing support agreement from the vendor to help with programming, moves, troubleshooting, etc. This means that your phone system vendor (and most likely the carrier) has access not only to the phone system and phones, but also to the data packets containing your computer networking data. If your organization has mandated compliance (HIPAA, PCI, etc.), this immediately creates a condition where you have uncontrolled third-party access to your data. And even if your company operates somewhere with no compliance or privacy laws (hard to imagine where that might be), your organization’s intellectual property is still being put at risk.
The solution? Always put your VoIP phones on their own wiring, connected to their own switches, and the system connected to a separate external IP address. While the additional wiring of a second CAT5e run can add to costs initially, you can recoup much of that immediately. 10/100 PoE switches can be purchased for the phones instead of more expensive gigabit PoE switches, and for the regular network, non-PoE switches can be deployed – another significant cost savings.
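To check an existing network for the shared-subnet condition described above, the following added example (not part of the original post) scans a device inventory and reports every place where voice equipment and computers sit in the same or overlapping subnets. The CSV layout, the role names and all sample addresses are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from ipaddress import ip_interface

# Constructed sample inventory (not a real network): role, host, address/prefix.
SAMPLE_INVENTORY = """role,host,address
phone,desk-phone-01,192.168.10.21/24
phone,desk-phone-02,192.168.10.22/24
workstation,acct-pc-01,192.168.10.50/24
workstation,acct-pc-02,192.168.20.51/24
server,file-server,192.168.20.5/24
phone,lobby-phone,192.168.30.10/24
pbx,phone-system,192.168.30.2/24
workstation,front-desk-pc,192.168.30.200/25
"""

# Assumed role labels for equipment the phone vendor can reach.
VOICE_ROLES = {"phone", "pbx"}


def find_shared_subnets(inventory_csv):
    """Return (voice_net, data_net, voice_hosts, data_hosts) for each overlap."""
    voice, data = defaultdict(list), defaultdict(list)
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        # ip_interface keeps the host address and derives its network.
        net = ip_interface(row["address"].strip()).network
        side = voice if row["role"].strip().lower() in VOICE_ROLES else data
        side[net].append(row["host"].strip())

    findings = []
    for vnet, vhosts in voice.items():
        for dnet, dhosts in data.items():
            # overlaps() also catches mismatched masks, e.g. a /25 inside a /24.
            if vnet.version == dnet.version and vnet.overlaps(dnet):
                findings.append((str(vnet), str(dnet), vhosts, dhosts))
    return sorted(findings)


if __name__ == "__main__":
    for vnet, dnet, vhosts, dhosts in find_shared_subnets(SAMPLE_INVENTORY):
        print(f"voice {vnet} shares address space with data {dnet}")
        print(f"  voice devices: {', '.join(vhosts)}")
        print(f"  computers:     {', '.join(dhosts)}")
```

An empty result only shows that the addressing is separate; it does not confirm the separate wiring and switches recommended above.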