Monday, 11 July 2011

10 Steps To Reducing Toll Fraud

As a key starting point we suggest all business telephone systems should have a Telephone System Secure Fraud Audit, this audit will be best carried out by the system maintainer who for a nominal cost should be able to provide this service covering the following:

Remove or de-activate all unnecessary system functionality including remote access ports. If you must have the latter, protect them with strong authentication techniques such as strong passwords or pin number access.

Restrict the numbers that employees can dial into the system.

Call bar all premium rate numbers and add restrictions for international numbers, operator and international operator and Directory Enquiries.

Review your telephone system call logging/reporting records regularly to spot any increases in call volumes or calls to suspicious destinations. Treat all internal directories, call logging reports or audit logs as confidential. Destroy them securely when they're no longer needed.

Lock out all voicemail ports for outgoing access to trunks if you can, if access to lines-voicemail is vital and then introduce suitable controls. Lock any surplus mailboxes until you have a user for them.

Change your voicemail and DISA (Direct Inward System Access) passwords regularly and don't use the factory defaults ...not using DISA? Then disable it completely.

Change the system and engineering passwords.

Remove Auto Attendant options for accessing outside lines.

Only give individuals the appropriate and minimum level of system access they need to carry out a specific task. Review your system security and configuration settings regularly. Follow up any vulnerabilities or irregularities promptly.

For advice on any aspect of your business communicationscontact 8020 Ltd on 01387 250008.

Andrew Edgar
Managing Director
8020 Ltd
01387 250008