Stay Safe Summer

Monday, August 5, 2019

It's that time of the year where the nights are longer and a little warmer but the office is also a little quieter. 

Summer can be a vulnerable time for businesses with reduced staff levels meaning less opportunity to spot the signs of fraud in time. So before you jet off on your summer holiday, we wanted to highlight some ways in which you can help protect your business against fraud.

Telephone and hosted system fraud is a global problem, with an average incident costing in the thousands. So it's definitely something for you to consider over the coming months. 

But don't worry, we have a customer checklist below to help you stay Summer safe.



Customer checklist

A senior manager should be aware of these safeguards and ensure staff follow them as relevant.

  • Passwords and access codes should be changed regularly and if possible be alpha/numeric and as many digits as the system allows. Avoid 0000, 1234, extension number=PIN passwords.

  • Delete/change passwords for ex employees. 

  • Consider limiting call types by extension, if an extension user has no requirement to ring international/premium rate numbers then bar access to these call types.

  • If possible, restrict outbound calls outside working hours.

  • Secure the system physically, site it in a secure comms room and restrict access to that area.

  • Regular reviews of calls should be carried out to cover analysis of billed calls by originating extension also to identify irregular usage and unexpected traffic.

  • Ensure you fully understand your system’s functionality and capabilities and restrict access to those services which you do not use.

  • Mailboxes - block access to unallocated mailboxes on the system, change the default PIN on unused mailboxes. Remove any unused mailboxes.

  • Be vigilant for evidence of hacking - inability to get an outbound line is usually a good indicator of high volumes of traffic through your system. Check for calls outside business hours.

  • Assess the security of all telephone and or hosted system peripherals/applications: platform, operating system, password and permissions scheme. Carefully evaluate the security of any onboard remote management utility (eg PC Anywhere) for possible holes.

  • Check firewall logs weekly.