I hope you had a good Thanksgiving holiday. Obviously, it was an opportunity for me to cook. Thanksgiving Day was shared with my stepdaughter and grandkids so the meal was very traditional. As such, I was only responsible for the turkeys, gravy, mashed potatoes and bread. My wife had the more difficult job of fixing the dressing, vegetable tray, green beans, sweet potatoes, cranberry sauce, pecan pie and blackberry cobbler. I did brine the turkeys, which I always recommend (½ cup salt, ½ cup lemon juice, to 1 gallon water). I say turkeys as I roasted 1 whole stuffed turkey and two legs and thighs and I deep fried the turkey breast and wings. Friday, we put up the Christmas tree and had Mexican for lunch. Saturday I made Southwestern Turkey Soup using leftovers from Thanksgiving dinner. In addition to turkey soup, another favorite is to make potato soup. This is a combination of both. Sunday, we had oysters on the half shell (shucked by me) and pan fried/broiled grouper with a brown butter sauce. That would be the recipe of the week, if not for the desire to assist you guys in getting rid of the leftover turkey in a delicious way. I promise to share the grouper recipe at some point, but today the recipe of the week is Southwestern Turkey Soup. Enjoy!
Becoming HIPPA Compliant
Last week I listed the HIPPA compliance audit four key questions:
- Are encryption schemes in place to prevent the unauthorized interception of calls?
- Are IP endpoints running on a dedicated appliance or server with a hardened OS?
- Is the VoIP network isolated on a dedicated VLAN?
- Are VoIP calls transmitted over wireless technology with strong wireless encryption such as Wi-Fi Protected Access (WPA)?
It is rather simple to satisfy these requirements by adding encryption to the internal LAN or WAN to support VoIP calls. A Virtual Private Network (VPN) can offer protection between access points or gateways including those made by remote or traveling workers. However, remember the most frequent threat to the security of data and voice calls is an internal threat. While it is more sinister to think of hackers sitting in their bedrooms or basements looking for easy prey, it is more often the disgruntled or lack of integrity employee that listens in on private conversations or steals data. Products like Zfone offer great end-to-end encryption, but the software must be installed at the end-points. Therefore, most of your important calls to partners, financial institutions and others who have not installed the software will be exposed. Secure Real-Time Transfer Protocol (SRTP), IP Security (IPSec) or Transport Layer Security (TLS) are better choices.
VARs and IT managers should include robust levels of internal encryption and authentication as part of every VoIP/SIP Trunking solution. Although, I am not an expert in this area, Broadvox and other ITSPs do have SIP engineers that can provide insight/advice as to how to secure IP based equipment and calls. As a partner, take advantage of that knowledge and deliver even better solutions to your customers.
See you on Wednesday…