Appia’s Co-Founder and VP of Legacy Systems, Bill Bollinger, discusses his tips for IT Departments on SIP Security. As someone who’s been around VoIP for as long as anyone and who’s company has thousands of SIP hack attempts every day, Bill knows his stuff and has some simple yet great tips when it comes to how to choose a secure SIP provider, how to set up your credentials in a way that reduces risk and what to do if you’re getting hit with a barrage of phantom calls.
Want more Cloud Therapy? Subscribe to us on iTunes or Stitcher!
Browse customer reviews on enterprise SIP service providers.
Don’t stress about researching the hundreds of SIP options. Click below to skip to the top 3 for your company’s needs.
See full transcript below:
Mike: Hey, everybody. Thank you for joining us on the program today. We’ve had hosted VoIP in our office for, well, since 2005, so about eleven years. Around a couple of years ago, we started noticing these calls that were coming in our 800 number. We would pick up the phone… When someone calls our 800 number, it’s, kind of, a round-robin. Somebody would pick up the phone and it would be dead air. Then, you’d hear a click and, sometimes, it would go back to a busy signal or something like that, but the calls are always coming from different numbers. Now, being in the telecom industry, I, kind of, knew, at the back of my head, there wasn’t much we could do from our phone system standpoint to block the calls because they were coming from different numbers every single time. I also knew that this was probably some type of a scam going on where somebody was making money off of long-distance calls. We called our service provider and it seemed like they couldn’t really do anything about it. We slapped an auto-attendant onto our main number to just temporarily fix the problem so that we didn’t have to constantly be picking up the phone. It, kind of, discouraged everyone in the office from wanting to pick up the phone because they knew it was probably, nine times out of ten, going to be just some dead-air call. That fixed the problem for a while and then we went back to answering the phones live after some time and it seems like it only happens here and there. Then, one of our sales people called me and told me all of a sudden his phone is ringing incessantly, non-stop, with these dead-air calls. We called our service provider – there wasn’t much they could do about it. They said something probably happened where one of his ports on his firewall got opened. He actually works from his home and something happened with his residential internet service firewall on the router, which just seemed strange. We were pretty frustrated with it. My rep was extremely frustrated with it. Since his phone was non-stop ringing, he had to unplug it most of the time. We didn’t really know what to do. All of a sudden, our service provider accidentally disconnected all of our phone numbers. When someone would call any of our phone numbers, it would say, “This number has moved” or is no longer in service. It was only down for like a minute or two – we fixed the problem super-fast. It was just a mistake, an honest mistake on their end. After that, magically, no more of those spam calls or those weird calls. Well, that’s just my story with getting, kind of, hacked or having people try to hack our hosted phone system. Now, we have hosted VoIP, but I know this goes on a lot with SIP trunking service as well since hosted VoIP, kind of, use a SIP trunking anyway – it really does, but just in a different way. Even though those are two separate products, SIP trunk and hosted VoIP, they both involve some type of security. So, when our next guest Bill Bollinger came to me and said he’d like to speak on our podcast about SIP security, I jumped at the chance just because I had an experience with it and we’re a very small company compared to some of you guys, and I know that security is always a big issue with IT folks. I thought that would be a perfect thing to talk about in our podcast. So, I’m really excited. Again, this fellow’s name is Bill Bollinger. He is the Vice President of Legacy Systems with Appia and he’s also their co-founder. Don’t let the title fool you, he’s actually more of a technical person. He is more of, like, their engineer person. Because he’s one of the co-founders, he, kind of, jumps around into different jobs – whatever type of job they need him at, that’s what he does. Right now, he’s the VP of Legacy Systems, but he really knows his stuff when it comes to SIP and VoIP. Appia started in 2001, so he co-founded a company that’s main product was Voice over IP in 2001. Most of us didn’t even know what that was in 2001. Don’t lie, most of you had no clue. I know I didn’t and I know all of my customers had no clue. That’s why he knows his stuff. It’s a really great conversation. He gets into some cool things and some actions you can do on your end to make sure that people aren’t hacking into your system. Some very specific, easy things that all of us can do like something as simple as making sure your admin is not using the standard/default credentials to log in. I know you guys are laughing, but, don’t lie, I know some of you have that setup on some of your things, so it is a good tip and it’s something that all of us need to do to make sure we don’t get our system hacked. When you do get hacked, some bad things can happen. He has a story where someone had some really significant losses, financially, on their phone bills because they were hacked. I know you’re going to get some great stuff from this episode and if that’s not enough for you, I’ve also got another free giveaway.
I took a bunch of time – I talked about this in our last episode. IT professionals, typically, do not know voice very well. Don’t be offended if you are one of those who does, but most of you don’t. I went ahead and took a lot of time to write down all the differences between all the main types of voice access which are: PRI, SIP, and analog lines. “Differences” meaning: What capabilities does each technology have in terms of being able to failover? What capabilities does each have in terms of phone numbers, in terms of access types? When is each technology the best fit for your company?
I made a little guide, it’s like a chart, listing these three technologies in three separate columns and down the rows, all these different capabilities. I hope it’s something that you guys will get a lot of benefit from. I think you will. If you’re shopping for voice services and you don’t know, really, if you should go with SIP, or stay with PRI, or if you should keep your analog lines if you’re moving to SIP, this is a great little guide. It’s real short and sweet.
I’ll give it to you for free, no problem. All you have to do is text the word “VOICEGUIDE” to the number 44-222. Again, just text the word “VOICEGUIDE” to the number 44-222 and we will send you a free copy of this voice guide that I, personally, took the time to make and I know you’ll like.
Alright, let’s get to the interview.
Alright, Bill. Thanks for joining us on the program.
Bill: Thank you for having me.
Mike: Tell us a little bit about yourself both personally and professionally.
Bill: Love to. I’m with Appia Communications. I’ve been here since about 2001. I’m currently the VP of Legacy Systems, but throughout my tenure here I’ve had a number of different roles. I’ve been involved with the building of our infrastructure, deployment of our services, maintenance of our services, and also involved on the sales side as well.
Mike: Fantastic. What did you do before Appia?
Bill: I’ve been with a number of technical companies, a number of startups. It also had a begun a startup involved in Voice over IP as well.
Mike: Wow. So, yeah, you’ve been in Voice over IP before most of us knew what it was.
Bill: I have, actually. It put me in a fairly unique place to be able to participate in the startup of Appia Communications.
Mike: Fantastic. What about personally?
Bill: I live in metro Chicago, and a couple of kids that are grown and off on their own. I enjoy running quite a bit – I run several marathons. Between running and working, that’s, kind of, my life.
Mike: That’s pretty cool. What’s the last marathon that you ran?
Bill: The last marathon I ran was the Indianapolis marathon a few years ago.
Mike: Oh, fantastic. So, sometimes you’re actually traveling to go run different ones, not just in Chicago?
Bill: That’s correct. I ran marathons in Honolulu, in Indianapolis, and Chicago.
Mike: Oh, wow. The running bug is just one thing that has never hit me. I think I’ve hated to run since I was a little kid. I was an athlete in a lot of other sports, but the running thing, you know… Now that I have kids and don’t have as much free time, just trying to stay in shape going to the gym, I always think, “You know, maybe running is a good idea,” but it just never sounds like fun to me. For you, is it something that you’ve always enjoyed? Is it something that you’ve picked up as you got a little bit older?
Bill: Running is not my favorite thing either. I, kind of, look at it as a life extension practice. I ran my first marathon in Honolulu, as I’ve mentioned, back in 1985 with little to no training because I was young and foolish. I did so much damage, I didn’t run again for another fifteen years, so it’s been the last ten years or so that I’ve picked it back up again.
Mike: Oh, wow. Yeah. When we were kids, I think, my dad got into running a little bit. He ran in a marathon, I think, it was down in Long Beach. My memory is just us getting in our family van – we had four kids in our family. We drove down to see him run this marathon. I remember afterward… I remember him, like, getting in the back of the van and cramping up on the way home. He must have been cramped up because, all of a sudden, he was in all this pain.
As a kid, I didn’t know what was going on. I’m like, “Why is he…” like, “Gosh, is he going to die or something? What’s going on back there?” Thinking back now, I was thinking, oh, that’s the first marathon he ever ran in. It’s probably just like you said, he probably didn’t prepare for it as much as he should have. It’s probably taken a toll on his body that getting into a car within half an hour after you get done running a marathon and charging home, probably start cramping up pretty bad.
Bill: As far as I’m concerned, he’s a winner just for having attempted a marathon. Completing it is even better. My hat’s off to him.
Mike: Yeah, me too. I’m like, “Oh, man. That’s tough.” Just being on the elliptical machine is pretty tough for me, but I don’t know.
Anyway, today, I’m excited to hear your topic. Today, you’re going to talk to us about SIP security, which I think is a really great topic because I know our listeners who are IT professionals for small and mid-sized companies out there, I know security is always huge with them no matter what we’re talking. Whether or not we’re talking cloud computing, or their servers in-house, or SIP, security is always big.
I think, SIP security, in itself can, kind of, sneak up on you. People think voice, a lot of times security really isn’t their top concern. They’re thinking more, you know, downtime, voice quality, and things like that, but security is a big deal and should be a big deal. So, go ahead and tell us a little bit about your topic and I’ll just turn it over to you.
Bill: Well, thanks. As a SIP trunk service provider being one of the many things that Appia offers, we are daily barraged by people attempting to gain a foothold and be able to fraudulently connect with us to consume minutes, long-distance minutes. It’s primarily these attempts are happening to, what we call, high-cost destinations around the globe. In fact, we’re getting hit daily with hundreds of attempts every second. As a service provider, we’ve had to employ pretty significant security practices to prevent unauthorized people from being able to leverage our infrastructure while only allowing those folks who are authorized to be able to leverage our trunking services.
Mike: Can you explain that a little bit to us novices out there? I’ve heard that a little bit being in the industry for sixteen years. Not as long as you, but long enough to know that I’ve heard about, somehow, there are some scams going on where people make money by consuming long-distance minutes. Can you explain that to the novice voice people out there and help us understand how people are making money off of consuming long-distance minutes?
Bill: Certainly. There are a couple of different things that happen. Now, these service providers are typically off-shore the United States – Eastern Europe and into Asia. They’re service providers themselves in many cases and they’re looking for a way to be able to place their minutes to somebody’s high-cost destination, obviously, for free to them. They, over the years, have been pretty successful with their techniques to be able to do that. Other folks will place fraudulent minutes to things like toll-free numbers or even 900 numbers where they’re making money by somebody calling into their numbers and will place multiple hour-long calls into some of these services.
Mike: These people who are terminating minutes on your network, they make money how? If they’re sending long-distance traffic onto your network and terminating it, how do they get paid? Did you guys have to pay them for minutes on your network? How does that work?
Bill: We have to pay somebody for the minutes that are used in the first case, right? They have one of their customers call Afghanistan, for instance. They, then, can gain a foothold on us or somebody like us’ network and they can have that call placed for free. They’re going to extract to their customer for making their own call, but they don’t have to pay for it. That’s one way they make money.
The other way is that some of these people have, say, a toll-free number or a 900 number, some type of a number where a fee extracted for calls into that number. They will place fraudulent calls into those numbers so that for every minute that call was up, they’re getting paid.
Mike: Okay. Because I’m always trying to figure out why the heck we always get these weird calls. For instance, on our main number, on our 800 number, a lot of times we’ll get these constant dead-air calls. A call comes in, somebody in our office picks up the phone and it’s just dead air. It’s always from a different number – the number keeps changing all the time.
We probably get, I don’t know, ten/fifteen of them a day. We’ve tried to go to our provider and it was like, “Hey, what’s going on here?” They just act like there’s nothing they can do and I’m like this has to be some type of scam where they’re making money somehow terminating these calls. I don’t know how they’re making doing this because it’s just dead air, but it was something that, when you mentioned SIP security, I was like, “I wonder if that has anything to do with what’s going on with us?”
Bill: Well, it may very well be. Really, the topic of what I wanted to talk about today was that not only are these people trying to fraudulently access our system, but they’re also focused on trying to acquire a foothold into customer PBXs and leverage their connection into some trunk provider. That situation you just described me very well be somebody trying to get a foothold into your phone system. Potentially, you may have, and this is fairly common, get into your voicemail, and your voicemail may be enabled for an outcall capability. They can get into your voicemail, gain access to this outcall capability, and place another call out of your phone system to a very high-cost destination that benefits them.
Mike: Got it.
Bill: Really, the focus of what I really wanted to talk about today was the necessary security that an administrator of a PBX needs to be sensitive to. Obviously, the PBX needs to be locked down pretty tight. Outcall capability out of voicemail has been a traditional way these folks have been able to leverage PBX, but, today, in the SIP world, SIP trunks typically use two methods of authentication with a service provider like Appia.
The first and preferred method is a method of authentication we call “IP authentication,” which means the service provider and the PBX administrator agree that the method of authentication will be the IP address that the PBX has. That works great in an environment where a static IP address is available by the customer. As a service provider, we will accept any call that originates from that IP address and on an incoming call we will send that call to that dedicated IP address. That’s the most secure method of the two methods that we have available.
For the customer that has a dynamic IP address, perhaps a DSL connection or their PBX is only capable of what we call a “digest authentication method,” a username and a password are used to authenticate. When a request comes to us from this agreed upon username and password, we’ll use that to authenticate calls and register that PBX on the IP address that those credentials are coming from.
Mike: Got it.
Bill: That’s probably the most widely used, only because a lot of PBXs have limitations in that regard. But, it’s not the most secure and there’s an opportunity for a hacker, if you will, to, through a dictionary hack or whatever, eventually guess the username and the password. It’s important that complex credentials be used if the digest method is going to be employed.
We’ve run into a number of interesting situations with this. We’ve had, in fact, a customer begin to send us, what were very clearly to us, fraudulent calls. We have systems that help us identify when this might be the case. We indicated to the customer that we were pretty certain their PBX has been compromised, but the customer didn’t want to deal with it. Despite multiple attempts by us to get their attention, they ran up a bill with us of $10,000.
Mike: Jeez.
Bill: At that point, we started to get their attention, but they continued to deny that the calls were originating from their system for about another week. During that next week, they’ve accumulated another $12,000 in fraudulent long-distance charges while we were arguing whether or not their PBX was secure and have been hacked, which, of course, it had.
It’s a story I like to use about the importance of listening to your service provider because the chances are they’ve been through this before, it’s all they do twenty-four hours a day. Pretty good chance they know what they’re talking about and they’re looking out for your best interest. This particular customer was available to the public internet. It had a set of standard credentials that are widely known throughout the industry with this particular platform they were using. The time it took us to convince them that there was a problem $24,000 or so worth of fraudulent charges was accumulated.
Mike: Jeez. Then, when you say “standard credentials,” you’re talking about username and password on a particular phone or just to get into the PBX admin in general?
Bill: Yes, the latter. The PBX admin was just using the traditional credentials, the factory default credentials that that system comes with.
Mike: Oh, got it. Yeah. You’re like, “Who helped you install your PBX? They didn’t change the factory default?” Jeez.
Bill: Well, the worst part of it was this company that we were dealing with was, in fact, an IT consulting firm that dealt with telephony.
Mike: Oh, jeez. So, lesson learned to all you listeners out there that if you have your phone system installed by a third-party, don’t automatically assume that they’re thinking SIP security as top priority. They may do the factory default to help them easily get access into all these different phone systems that they have installed and they just leave the factory default on there until, maybe, they’ve been burned. You don’t want to be the first person that gets burned for them to learn that lesson, I guess, huh?
Bill: Indeed. In fact, these folks, these hackers, have become very crafty. In the days not too long gone by, they would just blast these fraudulent phone calls and try to get as many phone calls in a shorter period through the systems that they found were vulnerable. When they would send these calls, it’s fairly easy to identify that you’ve been hacked, and that there’s something in this, and to take care of it, but they’ve gotten much craftier now. They know what these typical thresholds are that everybody is looking for now and they send calls at a frequency that’s just below these thresholds. They’ve gotten very sneaky and will come in just under the radar so it becomes more and more difficult to identify when you’ve been violated.
Mike: When somebody is trying to hack you, is it, kind of, like I described? Are you getting phone calls into your main phone line? What’s, kind of, a sneaking suspicion that somebody is trying to hack you? Is there any way to know?
Bill: Well, like I said, depending on your service provider, we employ systems where we try to identify when we see this. You should choose a service provider that, by default, will not allow your phone system to terminate to these, what we call, high-cost destinations. We just won’t let those calls go through unless the customer acknowledges that they do call these high-cost destinations from time to time and they understand the risk of us allowing those calls to terminate.
Mike: Got it.
Bill: To answer your question, the situation you described – continuous incoming phone calls with, seemingly, no one there is a pretty good idea that somebody is trying to gain a foothold, trying to figure out how to get in to your auto-attendant or find a voicemail box that, maybe, has a non-complex passwords and so forth. Having your phone systems, IP address not available to the general internet so they can’t get access to it via IP or a couple of obvious things that a system administrator should be doing.
Mike: Does that mean they should be using a private IP? Doing some type of NAT as opposed to just a raw public IP?
Bill: Absolutely. That’s, generally, what folks do, but instead of employing, say, an access control list or a firewall to only allow the traditional [50 60 00:30:20] traffic, which is, of course, what SIP uses, they’ll make it available to everybody instead of just a narrowing it down to only allowing that type of traffic from the IP addresses of their provider.
Mike: Is there anything a customer can do in terms of firewall settings? Because I know firewall gets a little bit tricky when we’re talking about SIP, or hosted VoIP, or anything like that, is there any type of firewall settings that they should be making sure they have enabled?
Bill: Well, from a security standpoint, what I just mentioned is very helpful – clamping down all SIP traffic except the SIP traffic that’s coming and going to their provider. If they have remote phones, the use of VPN can be very helpful in allowing those remote phones in. It just really depends on your environment and how you deployed your IP PBX. It’ll dictate what security measures you’ll take.
Mike: Interesting. What about hosted VoIP? Is the same set of rules applicable if you’re using hosted VoIP as opposed to just getting SIP trunks from a service provider?
Bill: It is to an extent. Complex credentials have to be employed for the phones, right? If you think about it, the phones employ a digest approach to security. Each phone has a username and a password. That username and that password have to be complex in order to avoid somebody, a bad guy, if you will, from guessing what they are. Because once an IP phone’s credentials have been compromised, that hacker, that service provider, whoever they are can begin making phone calls at will using the credentials of that extension.
Mike: That’s interesting. Because we have hosted VoIP internally and one of our users, about a month ago, all of a sudden, started getting tons of spam calls. Just like you mentioned, it was literally like every twenty seconds, he was getting inbound spam calls – just like we said like dead air and all that stuff. We called our service provider and they said, “Oh, something must have happened. There must be a port open” because this person works from home and I think they have, right now, Time Warner or something for internet. They said, “Oh, one of your ports must have been open for a second. Somebody got in there and that’s what’s going on, but there’s really nothing we can do about it.”
We just went back and forth for a long time. I was, kind of, frustrated. Here I am in the industry, but I’m getting a dose of my own medicine. There’s nothing they can do about it. Our user is just, basically, like, “I can’t even have my phone plugged in because it’s just maddening. I’m just getting constant calls.”
Then, the funny thing happened. We accidentally had all of our phone numbers disconnected. I put in a partial disconnect order. We just got rid of a couple of users on the hosted VoIP system and accidentally disconnected all of our phone numbers – only for like five minutes. Then, we got them back up, but his was one of the ones that got disconnected. When it came back up, he said, “You know what? My issues are gone.”
So, they disconnected his… If you were to call his DID for those five minutes we’re down, it said, “This number is no longer in service. It’s been disconnected or has moved,” so there’s a full disconnect message on there. Just doing that solved the problem.
But, it was something, like you said, that makes me go back, and I’m going to have to ask him what his credentials are and make sure he’s got some complex credentials in there because it may just be somebody got in and was doing something like that. I was like, well, note to self: If that starts happening, call the provider again and say, “Well, if you can’t fix it, can you just disconnect our numbers for five minutes at 8:00 at night or 10:00 at night and just let it be disconnected for half an hour or something, and then bring it all back up?” because that seems to solve the problem, ironically.
Bill: Yeah. That’s becoming more and more of a problem in our industry – these incoming phantom calls. Depending on your provider, well, some of the open systems don’t have this capability. Many of the more sophisticated systems you can actually tell the phone not to respond to any invite except those coming from your service provider. That would have solved your problem in that if that provider had that capability with the phone, the phone would have ignored all of the invites coming from places other than your service provider and that eliminates the problem that you mentioned.
Mike: That’s great. That’s some good advice. I’m writing that down because if that ever happens again, I need to know what to do because I was at a loss. I was ready to switch providers, actually. I was like, “You know? Whatever. I’m in the industry. We can switch providers pretty easily.” If they can’t resolve it, we just need to move on because I’m not going to change my sales person’s DID just to avoid spam calls. That’s silly.
Then, they’re saying, “No. You can get a managed router from us. If we deploy a managed router on site, it is housed, then we could probably prevent it.” I’m like, “Okay. So, I’m going to pay $50 – $100 a month for a managed router at a remote user’s house?” That didn’t make sense. Anyway, that’s good.
You know how it is, too. Sometimes you’re talking to somebody in service that is maybe a little bit, you know, they’re a little bit green or something. You never know. Sometimes they just make a mistake and they’re learning too. Not to say that our service provider is terrible or anything, but, yeah… That’s good info.
Overall, what’s, kind of, your parting wisdom for us on SIP security?
Bill: I’d have to say that listen to your service provider about security. If you aren’t natively offered their best security practices when you on board with the service provider, ask them for their best security practices. It’s a painful issue for our entire industry. They’re going to have some best practices for you to employ. Listen to them. Do what the service provider recommends and you should have a very positive experience.
Mike: I think that’s a great takeaway because so many times… I mean, I work with service providers on a daily basis. That is a subject that almost never comes up. It’s just a good practice to, maybe, just take that extra step and ask the, whether it’s the sales engineer you’re working with the service provider or calling in to repair, and asking them for what they recommend in terms of security measures.
Because installing customers and things like that, everybody is so busy with porting numbers and all that stuff that a topic that rarely comes up is “Hey, what are your best practices that we should be doing for SIP security? What’s a bullet list that I should make sure we do to make sure that we don’t get hacked on this SIP service?” As strange as it sounds, like I said, that doesn’t really come up very often, so it’s good to take the initiative to ask the service provider on your own. I think that’s some great advice.
Bill: Indeed.
Mike: Well, great. Thanks for sharing that with us. That was a great topic. When you, initially, brought it up to me a week or so ago, I was excited to hear about it just because of my own experience with it and, like I said earlier, because I know so many of our listeners are very concerned with security. When you’re in charge of an organization with a hundred plus users or a thousand users and you’re deploying SIP, my little issue of a few users can put a big exclamation point on how bad that issue could get. Like you said, you can end up getting a bill with thousands and thousands of dollars of fraudulent charges, and really no way to recoup it if the provider has been telling you they’re fraudulent and you’re not willing to take the extra step that they’re recommending. So, I really appreciate you coming on and sharing that wisdom with us.
Bill: My pleasure. Thanks for having me.
Mike: No problem. Before you go, I’d love it if you could tell us a little bit about your company Appia, what you guys sell, and what’s new and exciting going on in Appia these days.
Bill: Oh, super. Thanks. Appia is a managed service provider. We’ve been in business since 2001. In fact, our first commercial customer from 2001 is still our customer today in 2016, and we’re pretty proud of that fact.
Mike: That’s cool.
Bill: We’re, as I mentioned, a managed service provider with an emphasis on voice. We offer SIP trunking, as we discussed today, hosted IP telephony, hosted desktop service, hosted video conferencing. We can also offer corporate cell phone service as an [MVNO 00:40:23], and data center space – just about anything that would be interested in buying from a cloud perspective.
Mike: Fantastic. Now, are you guys selling services nationwide, or worldwide, or do you have a certain geographic area that you guys have a network in/that you sell within?
Bill: No, we’re offering service to customers in five continents. Outside of the United States and most of the civilized western world, we’re able to offer service, and we have a number of happy customers around the planet.
Mike: Fantastic. You mentioned that you guys do a lot of voice services. Is there something in particular that you guys do especially well when it comes to SIP or voice services?
Bill: We feel like our hosted voice service is difficult to beat. We deploy a geo-redundant system. The reliability of that system is measured in – [mean time 00:41:37] between failures is measured in years. We have a very talented staff, very [Inaudible 00:41:47] Again, we’ve been doing this since 2001, so we’re well-versed in all the different methods around Voice over IP and, in particular, hosted services. We would put our service up against anybody’s.
Mike: Fantastic. Yeah, it’s hard to believe that you guys were doing hosted VoIP in 2001. You and I talked about it before the call, but I was working for XO Communications in 2001. I think XO released a product that was hosted VoIP. It was on Cisco phones and we had the product for about six months and it completely…
I remember when they rolled it out; all of us sales people were just scratching our heads going, “What the heck? Wait, you give someone phones, but there’s no phone system. You connect it up to their internet T-1 and there’s dial tone? Like, what?” It sounds so silly now because everybody, kind of, knows how hosted VoIP works, theoretically, now, but, back then, that was so foreign.
Like I said, that was just a product that we tried and we rolled out. Like I said, it lasted about six months until the first couple of installs and we realized this is really difficult, and all the installs are going bad, and it’s not working very well, and we can’t get it working, so, I think, they just, kind of, brought it back in. I thought that we were, kind of, a first-mover bringing that out there, but you guys had a whole company where that was one of your core products. That’s pretty impressive.
Bill: Indeed. It’s been a fun ride these past sixteen years.
Mike: Yeah. Especially because I feel like in the last few years, hosted VoIP has really started to… That aura of mystery and fear has been lifted, I feel, like in the last three to four years where, before that, everybody was, kind of, like, “Well, I don’t know. Sounds good, but I’m still, kind of, scared of it.” Now, it seems like everybody is like, “Alright. I’m comfortable with that.” It’s a lot more accepted today than it was even just a few years ago. That’s pretty good for you guys to have a great product that you’ve been doing for a long time in a market that I think is… I think, right now, hosted VoIP is going to be exploding throughout the next five to ten years.
Bill: We concur.
Mike: Well, great. That’s some good info. If anybody wants to learn more about Appia, just reach out and contact us at Cloud Therapy or AeroComInc.com and give us a call. If you’d like to talk to anybody on Bill’s staff and learn a little bit more about Appia, we’d be happy to introduce you to their best people and teach a little bit more about their company and see if it might be a good fit.
Thanks a lot, Bill. I appreciate your taking the time. Thanks for joining us on the program.
Bill: Thank you. have a super day.
Mike: You too.
So, what did you think of Bill? I thought it was great. The thing that I got out of it the most was I’m definitely going to tell our sales person, Josh, to make sure that his credentials for logging into our hosted VoIP system. I don’t know if that had anything to do with the issue he was having where he was having non-stop calls, but it definitely would help.
That’s the big takeaway I got out of there, but, there’s a couple more too. For instance, making sure that you go with a provider that does not allow calls to terminate to those expensive destinations unless you purposefully allow it. Also, making sure you don’t put a public IP address on anything that the public can see. I think a lot of you IT folks know that intrinsically. Also, if something like that starts happening, make sure the service provider not accept any calls that are not coming from them, maybe set up your handset that way.
Needless to say, some great takeaways there for me and, hopefully, you as well. Before I go, I just wanted to, again, remind you of that cool voice comparison guide that I made for you. Hey, I spent hours putting this thing together. Don’t lie, voice is not your strength. Help yourself out, take a look at the voice guide so that you know the difference, at least, between SIP, PRI, and analog lines if you’re shopping for voice so that you’re arming yourself with some information about what you’re going to need if you’re approaching service providers.
No worries, we’ll give it to you for free. All you have to do to get it is text the word “VOICEGUIDE” to the number 44-222. Text the word “VOICEGUIDE” to the number 44-222 and we will send that voice guide to you for free.
Alright. Well, that does it for today. I hope you enjoyed the show. I’ll catch you next time.
Related Content
Cloud Therapy: EP 013 – SIP Faxing Best Practices
So your company is moving to SIP... but what about your fax machines? Long-time Level 3 sales engineer, […]
Cloud Therapy: EP 011 – SIP Trunking Installation Best Practices with Roger Arnett
Long-time voice and data engineer and current sales engineer for Fusion, Roger Arnett shares 5 best […]
How to Get Perfect Call Quality on Your SIP Trunks – Part 1 Here is something I’m hearing a lot from IT Pro’s these days.
IT Pro: “Do you know of a good SIP […]
The Best Business SIP Voice Providers "SIP is SIP, right? If we are quoting SIP for our company's voice, what feature differences can there be […]![8 Shopping Hacks for Enterprise VoIP [White Paper]](https://www.aerocominc.com/info/wp-content/uploads/2015/03/Confused-by-too-many-choices-roadsign-150x150.jpg)
8 Shopping Hacks for Enterprise VoIP [White Paper] Work Less… Get Better Results. Yes, YOU… IT Directors, Sys Admins, CIOs. It’s possible. Your company’s […]
Mike Smith’s Brain E7: 3 MORE Questions to ask when looking at Hosted VoIP Welcome to E7 of @mikesmithsbrain. Today's episode is expanding on Episode 5, "Questions to ask when looking […]