Mobile devices with VoIP rely on a portable backend softphone to operate. Therefore protecting a mobile device with VoIP shares many commonalities with the protection recommendations used for softphones, with a few additional considerations.

These devices will likely utilise some form of wireless connection to either connect directly to an Internet service, or to connect to a network which has Internet accessibility.

When wirelessly connecting directly to an Internet service

If a mobile device connects directly to an Internet service (eg. Mobile telephones which utilise 3G networks), there are few security configuration options available to users. Instead, users should ensure that the VoIP software on devices are up to date revisions of the software, and that the software supports and utilises secure protocols such as SIP and H.323 and if available, SRTP.

When wirelessly connecting to a network with Internet accessibility

These connections will usually be made using a wireless protocol known as WiFi. WiFi technology offers a variety of potential security configurations, the main ones being WEP, WPA and WPA2. Where possible, users should ensure that the connection is made with WPA or WPA2 wireless protection (contact your mobile device vendor to see if your device supports this). If the mobile device only offers WEP protection, or no protection at all, utilising a VPN to protect the voice stream is recommended. If this is also not possible, users should be aware that their conversations are highly susceptible to confidentiality and availability attacks.