Wherever possible, your 3CX should be locked down. Some areas to consider are:
- Start by implementing VoIP security during the design stage
- Ensure a suitable firewall is in place and configured correctly. Read more on our firewall config guide
- Implement OAuth flows for best practice security
- Choose strong and unique passwords for IP phones, admin interface and web clients
- Segregate voice and data networks where possible and reduce exposure to non-trusted networks
- Make use of an intrusion detection system
- Monitor network usage
- Harden the OS and keep it up to date
- Keep your phone firmware up to date
- Use the 3CX Global Blacklist