Technical information
General Security Measures
Issue 7 June 2001
3-9
Establishing a Policy
As a safeguard against toll fraud, follow these guidelines:
Change passwords frequently (at least quarterly). Set password expiration times and tell users when the changes go into effect. Changing passwords routinely on a specific date (such as the first of the month) helps users to remember to do so.
Establish well-controlled procedures for resetting passwords.
Limit the number of invalid attempts to access a voice mailbox to five or fewer.
Monitor access to the dial-up maintenance port. Change the access password regularly and issue it only to authorized personnel. Consider using the Remote Port Security Device. (Refer to Chapter 15 for additional information.)
Create a PBX system management policy concerning employee turnover and include these actions:
— Delete all unused voice mailboxes in the voice mail system.
— If an employee is terminated, immediately delete any voice mailboxes belonging to that employee.
— If a terminated employee had Remote Access calling privileges and a personal authorization code, remove the authorization code immediately.
— If barrier codes and/or authorization codes were shared by the terminated employee, change them immediately. Notify the remaining users as well.
— If the terminated employee had access to the system administration interface, remove their login ID (G3V3 or later). Change any associated passwords immediately.
Back up system files regularly to ensure a timely recovery should it be required. Schedule regular, off-site backups.
Physical Security
You should always limit access to the system console and supporting documentation. The following are some recommendations:
Keep the attendant console and supporting documentation in an office that is secured with a changeable combination lock. Provide the combination only to those individuals having a real need to enter the office.
Keep telephone wiring closets and equipment rooms locked.
Keep telephone logs and printed reports in locations that only authorized personnel can enter.
Design distributed reports so they do not reveal password or trunk access code information.