Telecommunications will typically be the fourth largest expense on an organisation’s profit and loss sheet.
What’s more, telecoms fraud is booming, as highlighted in the recent Channel 4 News report. So what can be done about this threat?
Rufus Grig, Azzurri’s Chief Technology Officer, who appeared in the Channel 4 report, likens telecoms security to protecting your house. He says:
Firstly, ensure your front door has a good lock on it. We recommend:
- Removing all manufacturers’ default passwords.
- Don’t use a user’s extension number as a password.
- Don’t use passwords based on simple number combinations (111111) or patterns (123456).
- Ensure your voice mail system has passwords with a minimum of 6 characters. The more complex the password, the more difficult it is to guess.
- All DISA lines should (where possible) be disabled.
- Any DISA lines not disabled should be password protected.
- If possible, programme your voice mail system to force users to change their password at least every 90 days.
Secondly, ensure your back door is also secure. We recommend:
- Only giving voicemail boxes to users who need them.
- Call Barring should be used to restrict outbound access whereever possible.
- Denying inbound calls via Auto Attendant to external numbers.
- Restricting or controlling Voicemail revert (0) – dialling to pagers and mobiles.
- Restricting or controlling Personal IVRs (dial 2 to transfer to my mobile, etc.)
- Restricting or controlling Voicemail Remote Notification to pagers and mobiles, preferably within a closed user group (CUG)
- If available, use remote notification to email to notify of voicemail messages.
- Remove all unassigned voicemail boxes.
Finally, fit a ‘burglar alarm’ in case of unauthorised entry: You can either monitor your systems in-house, or through a third party specialist, by using a call logger. This will check calling patterns for:
- Calls to unusual locations.
- High call volume.
- Long call durations.
- International and calls to premium rate numbers
- High traffic after business hours.
- Most importantly, the call logger will also ensure short duration calls (sub one minute) across the corporate DDI range not repeating on the same number – as the ‘alarm’ triggers at anything above 10 calls per minute. This tells you that someone is trying to hack your system; all the previous points highlight that they may have already succeeded!
But if you follow this three stage process you will then be in a much stronger position to protect yourself against telecoms/toll fraud.
For more information and further guidance around these issues, download our guide, or contact us on 0844 324 0000 or email us at firstname.lastname@example.org.