Security

From Evo Voice
Jump to: navigation, search

Security

Security is a very broad topic and Evo Voice has multiple layers of security. The most common questions that come up are related to voice security.

Voice

Evo has standardized on Twilio as their carrier and because of this, security is built in. There are two main types of audio endpoints in Evo Voice - "Soft Phone" endpoints and "SIP endpoints" each of these is handled slightly differently.

For Soft Phone clients (e.g. the App, Console, etc.) we use Twilio's Client SDK for communication which has built in encryption using a "capability token". More information about this can be found here: https://www.twilio.com/docs/voice/client/capability-tokens

For SIP devices (e.g. Polycom handsets) - communication is encrypted using TLS over port 5061 which is the standard SIP encryption port (https://isc.sans.edu/diary/Cyber+Security+Awareness+Month+-+Day+20+-+Ports+5060+%26+5061+-+SIP+%28VoIP%29/7405)

Also see our main article on Toll Fraud

Chat/Browser

In addition to the above encryption used for all voice communication, all other communication with the Evo Voice web services is done over HTTPS.

Database

Our databases are hosted on MongoDB Atlas which is an enterprise level managed database system. All data is encrypted per this article https://www.mongodb.com/cloud/atlas/faq

Snapshots

The above sections discuss transport level security, but we have also taken steps to prevent issues with users accidentally breaking things.

Our Snapshots system was specifically designed to make full system backups fast and easy so that rolling back to a known state is a matter of clicking a button.