Password Security Measures Should Also Extend to Phone Systems
The growth of “The Internet of Things” (IoT) has great promise in terms of enhancing productivity and providing the ability to successfully monitor and manage a wide and growing variety of networked devices. The other side of this positive coin is that as more and more traffic converges on the network, more and more threats abound, and the importance of information security becomes ever more critical.
publish date: October 8, 2018
The growth of “The Internet of Things” (IoT) has great promise in terms of enhancing productivity and providing the ability to successfully monitor and manage a wide and growing variety of networked devices. The other side of this positive coin is that as more and more traffic converges on the network, more and more threats abound, and the importance of information security becomes ever more critical.
An interesting example of the risks that abound is a security threat which targets phone systems. This risk has spread to the Midwest and has recently affected Nebraska companies, including some based in central Nebraska. The threat – toll fraud – involves the ability for bad actors to gain access to your voicemail system, change certain settings, and make outbound calls to long distance and international numbers. Some companies have been hit with thousands of dollars in long distance and international charges over the course of just a few hours, often in the middle of the night.
Unfortunately many businesses realize they need voice security only after suffering a costly attack. Toll fraud has attracted a global cast of hackers who are relentless in finding soft targets to attack. The softest targets are companies that do not follow industry best practices in terms of strong password enablement and other network settings.
Protecting your voice network is much like protecting your data network. The security policies and technologies can be complex, depending on your goals (including any compliance requirements), your applications and locations, and the IP phone system you're using, whether onsite or hosted.
With that said, there are three basic questions to consider: (1) how have you configured dial plans and user profiles; (2) how are you protecting your voice system in terms of both physical and logical access; and (3) which security policies have you implemented with users?
We recommend a three-step approach to deal with the immediate and growing risks around phone system security:
- Conduct a security assessment to determine the current settings on your phone system and identify possible vulnerabilities.
- Make informed decisions about how best to deal with any threats identified in the assessment.
- Remediate vulnerabilities either with internal expertise or by engaging expert technical support.
If you’re interested in talking about how Intellicom can help you contain the risk, please reach out with the contact info listed on our website We look forward to talking with you.
Next Article
Hardware and Software Procurement Factors to Consider