Support: 0330 332 7933 Sales: 0808 500 1436

Why move to SIP and VoIP from my ISDN and Analogue Lines?

As I am sure you have heard, BT has announced it will be switching off its PSTN and ISDN networks in 2025 with the phase-out starting in 2020. Now is the perfect time to start considering the move from ISDN to SIP and it’s benefit on the bottom line…

Before I move forward with explaining time frames, process and things to consider before the transition from ISDN to SIP, I’ll quickly define these Key acronyms in case you are already lost.

What is ISDN and Analogue?

An analogue line is your old fashioned single voice line that you have at your home which can take one call at a time with very limited functionality, these are still used in smaller businesses and still even across companies such as Halfords Autocentre’s.

An ISDN line has greater capabilities, able to handle up to 30 concurrent calls (if you have an ISDN30) with greater voice quality and a lot more suitable for business purposes.

What is SIP and VoIP?

SIP stands for Session Initiation Protocol, and it is the technology that enables your voice traffic (previously carried over physical ISDN and Analogue lines) to be carried over the internet.

VoIP, stands for Voice over Internet Protocol, this is the description for voice traffic travelling via the internet. When you hear the term, VoIP phone system, it means it is compatible with SIP and has the ability to carry voice traffic over the internet. If your phone system is not SIP enabled then this means it is only compatible with ISDN/Analogue lines and you need to look at a new phone system when transitioning over to SIP.

What are the benefits of moving to SIP and VoIP?

You’ll likely save 50% when moving from ISDN to SIP

The way the SIP network has been built by the network carriers it has made the management of the voice network much cheaper to house and run, thus the costs are significantly cheaper. On average companies save 50% due to the line rental being at least half the price per month compared to their ISDN’s as well as the call rates themselves being a lot cheaper than the rates on ISDN and Analogue.


One thing which is great about SIP, is that if the roads are dug up, as the council loves to do around this time, then you don’t have to worry about your phone lines being damaged. As SIP is carrying your voice traffic over the internet, your not reliant on physical lines, as long as you have internet, you have voice. A caveat to this, make sure you have resilient connectivity by having a backup connectivity line in place.

Better call quality

As well as increased resilience and cost savings, the calls you are making (as long as you have the correct connectivity) will increase in quality so your calls sound clearer and more professional.

What do I need in place before transitioning ISDN to SIP?


If you haven’t figured it out yet, your calls will be taking up your internet traffic, so if your current bandwidth is sufficient, then you probably need to upgrade. There are a few options:

Upgrade your connectivity to a leased line, for example, to give you plenty of bandwidth for both calls and general internet usage.

Upgrade your connectivity as above and apply QoS (Quality of Service) to ensure that your voice traffic has its own segregated bandwidth so your voice traffic isn’t impacted by any uplifts in your standard internet usage and each has its own limitations.

Use a separate connectivity line for your voice. A lot of companies will simply put a separate line in, an FTTC or Leased Line depending on the number of users and call volume, to ensure that the voice traffic is unhindered.

Phone System

Ensure that your current system has VoIP capability, meaning that it has the capability to manage calls over the internet when you do transition ISDN to SIP. If your phone system is outdated and is limited to ISDN/Analogue, then this is a great opportunity to carry out some discovery work to understand what future functionalities you would like out of your phone system in the coming 5 years plus.

There are a tonne of phone systems out there so you have to think about what you want out of a provider, how you would prefer to pay for it (monthly, one off etc.) and what functionalities you need/want (e.g. contact center, conference calls, system integrations).

Here at Intercity we aim to help find the best option for every business we talk to, whether that is us or another provider. If you would like to talk through your current setup and the options you have then you are more than welcome to contact one of our consultants who will talk you through everything you need to know.

Up next

A virtual coffee on cyber attacks with Jayson Dudley from Mazars LLP

Cyber attacks are said to cost the global economy £266 billion, affecting more than 800 million people a year and removing 15% to 20% of the value created by the internet.

“removing 15 to 20 per cent of the value created by the internet.”

How many of the points below have you either expressed or heard being discussed in the workplace?

  • ‘Our type of company does not need security; our data would be useless to a hacker’
  • ‘Security is not a priority for us now’
  • ‘It is not worth the expenditure’
  • ‘It hasn’t happened to us yet so I am sure we will be fine’

Consider the following situations:

TalkTalk lost 101,000 customers and suffered costs of £60m due to a cyber attacks on the company in October 2015.

Data breaches at Home Depot during both 2013 and 2014 resulted in a total cost of $162 million.

On February 4, 2016, a cyber attack on the central bank of Bangladesh resulted in losses of $81 Million and prevented another $850 Million in transactions from being processed.

Hackers used SWIFT credentials of Bangladesh Central Bank employees to request the Federal Reserve Bank of New York to transfer nearly $1 billion of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia.

This is not just something that large organisations are battling but SME’s also with the average attacks costing businesses £250,000 at a time.

This is a combination of the economic loss directly because of the attack, legal costs, staff costs and loss of business coupled with reputation cost. To a small company this could result in bankruptcy.

To get an insight on the topic of cyber security, I spoke to Jayson Dudley, the Group Chief Information Officer responsible for information security best practices for Mazars LLP.

Q: What do you think are the most vulnerable areas of security for companies currently?

Phishing attacks are one of the biggest issues currently. End users are not on that level yet and because of the way these sites can pick up and disappear overnight they are very hard to block.

Companies need to get into a training regime to catch people clicking on phishing emails. There are campaigns you can then send out to a group of people within your company to test just how successful your training has been.

It is simply a case of getting the person to check the information they have been given. In all the hacks I have seen of late they have started from someone clicking on something or there not being the appropriate level of control within their firm.

This is an example of a phishing attack I received last weekend from “Amazon” (notice the spelling and grammar errors):

Q: What information are you exposing as a company as a result of a phishing attack?

Users hate user id’s and passwords. We ran a test in one of my previous roles, their employees had access to 12 different systems within the company and most of them used the same user IDs and passwords for all 12.

The biggest example of this I have seen was around £35 million being lifted from a company due to CEO fraud. You find that once you have the credentials for one system you tend to have access to the rest.

Q: What areas of security will be most important to companies in the upcoming years?

Two really. Passwords are all well and good but even on my personal accounts I have two factor authentication. I think two-factor authentication is a big thing, the likes of Microsoft and Google use it currently. More companies need to put this in place.

Sometimes you have to cater for stupid and the best way to do that is to use digital rights management. The data is encrypted and you know it is only going to be opened by the person you send it to. It is all very well saying data is not going to leave the company. It is going to leave the company so you need to make sure it is inaccessible.

The data may not be lost forever but what you can do is prove to that client that the data was inaccessible.

“It is all very well saying data is not going to leave the company. It is going to leave the company”

Q: What would be your initial bread and butter advice when initiating a security strategy?

I wrote an article about bent bananas the other day. What I was trying to express is to never take anything on face value. I would say to the end user, if getting info via email or over a phone call do not take it on face value, check it out. Worst case scenario is that you annoy someone by ringing them and asking if they really sent it. If you don’t call, the worst-case scenario is that you lose £35 million like I mention previously. A CFO of a company was fired because of this.

I worked for a law firm preciously. The firm was dealing with a large global German company. We had filtering on our side which was blocking any emails from this company. It turned out they had an open relay on their email server.

So, I logged onto their server and sent them an email as me from their company and it absolutely scared the pants off them. He rang me almost instantly. I said are you going to tell them or do I.

This was a huge company based in Germany. It is so easy to spook email addresses.

Q: When it comes to cyber attacks on financial and legal firms, what do you think they are attacking for?

I have not seen any specific cyber attacks. I used to work for Norton Rose. There was event that happened (look at Claire Swires) that generated millions of emails. We normally received £600k a month and we got 6 million a month due to this. I do not think there is a great deal of industrial espionage going on. Generally, people are after monetising this stuff as quickly as possible through encryption emails and gaining access to bank accounts.

There is a path of least resistance. There is no point in trying to hack a bank for example because they have so much security in place it is unbelievable. However, I know from experience that you only have to pay somebody in a bank to do something wrong and they will do it for enough money.

If you really want to prevent access to something then you look at your weakest link and that is normally your end users.

Q: What risks are there for a company when receiving phishing emails?

The largest issues are where there aren’t internal checks in place for bank account information. If I were to send an email to someone low on the finance team, such as:

‘I am the Chief Executive, can you transfer this money to this account right now because we are going to lose a deal if not. ‘

If I do not check with this person first, worst case scenario, we could lose all the money in our bank account. For the smaller companies this could cause them to go bankrupt, they could go to the wall if they do not have the appropriate level of insurance.

The key points to take away from this are the following:

  1. Don’t be stupid. Read important emails once, then again and then double check with the “sender” before acting upon it. It is worth the embarrassment of checking.
  2. Put technology in place which can help prevent these cyber attacks before they get to you. You need to make sure you have this in place across your whole network, especially your mobile phones which is the weakest part of a company’s network right now.
  3. Make sure when data is lost from your company it is inaccessible, whether that is on a memory stick, laptop or phone. Make sure encryption or remote wiping is in place.

How can you act upon this blog? Talk to the experts in the industry.

Here at Intercity Technology we offer security solutions to ensure your whole environment is secure. We keep up to date with the latest threats by implementing the latest technology so all you need to worry about is simply contacting us.