Technical information
General Security Procedures
Issue 7 June 2001
16-3
Customer Education
System manager/administrator has
copy of Security Handbook/Toll
Fraud Overview
System security policy established
and distributed
System security policy reviewed
periodically
Security policy included in new-hire
orientation
Employees know how to detect
potential toll fraud
Employees know where to report
suspected toll fraud
Authorization Codes not sequential
Remote access phone number not
published
Barrier codes and passwords are
chosen to be difficult to guess
Barrier codes, passwords (including
voice mail), and authorization
codes removed/changed when
employees terminated
Authorization codes, account
codes, and passwords not written
down or translated on auto-dial
buttons
Logins and passwords are not
written down
All customer passwords changed
on regular basis
HackerTracker thresholds
established
Table 16-1. General Security Procedures (Continued)
Y/N
1
Note N/A
Continued on next page