Manualshelf

Instruction manual

ManualsBrandsBetter Music Builder ManualsMicrophones and systemsVM-82U G3
61626364656667686970
Large business communications systems
5-2 Issue 9 May 2003
Chapter 8 contains security measures to protect the Automated Attendant
feature of your communications system. See ‘‘Unless specifically stated
otherwise, references in this document to “G3Vx and later” include the
specified DEFINITY G3 (and more recent) versions, DEFINITY ECS,
MultiVantage™ Software, and Communication Manager.’’ on page 8-1.
Chapter 13 provides instructions for administering the features of the
DEFINITY G3V3 and later, specifically designed to provide protection from
toll fraud.
Chapter 16 describes ‘‘Securing DEFINITY systems (Release 7.2 and
Later) with Access Security Gateway’’ on page 16-4.
Keeping unauthorized third parties
from entering the system
The major ways in which unauthorized third parties gain entry into the system are
as follows:
Remote access
Remote maintenance port
Vectors
Transfers from adjunct systems, including voice mail systems, call
prompters, and voice response systems
Protecting the Remote Access feature
Remote access, or direct inward system access (DISA), allows callers to call into
the PBX from a remote location (for example, a satellite office or while traveling)
and use the system facilities to make calls. When properly secured, the Remote
Access feature is both cost-efficient and convenient. However, every security
measure has an offsetting level of inconvenience for the user. These
inconveniences must be weighed against the possible risk of toll fraud.
Security tips
Evaluate the necessity for remote access. If this feature is not vital to your
organization, consider deactivating the feature. If you need the feature, use
as many of the security measures presented in this chapter as you can.
Use a unpublished telephone number for this feature. Professional hackers
scan telephone directories for local numbers and 800 numbers used for
remote access. Keeping your remote access number out of the phone
book helps prevent it from getting into the wrong hands. Avoid
administering a night service destination to remote access on any
published number.
Keep an authorized user list and reevaluate it on a need-to-have basis.