Support User Manuals

Lucent Technologies 107970212 Answering Machine User Manual

Open as PDF

of 277

Overview

You should also

■

■

provide effective physical security for the room containing your

telecommunications equipment and the room with administrative tools,

records, and System Administration information. These areas should be

locked when unattended.

provide a secure trash disposal for all sensitive information, including

your company’s telephone directories, call accounting records, or

anything that may supply information about your communications system.

This trash should be shredded.

Security Policy and User Education

As part of your responsibility for protecting system security, you should

establish and communicate security policies for all system users. You should

let users know what measures they should take to protect system security and

explain how hackers may try to gain access to the system. In particular, you

should provide users with the following information:

■

■

■

All reports of trouble, requests to move extensions, or any other

administrative details associated with the communications system or the

voice mail system should be handled by one person (the System

Manager) or within one department. Anyone claiming to be a telephone

company representative should be referred to this person or department.

If a caller claims to be an authorized telephone company representative,

verify his or her identity before permitting that person any access to the

system.

Establish well-controlled policies for passwords:

— Establish a specific date for changing passwords (for example, the

first of each month) and help users remember to do it.

— Advise subscribers to use a 4-digit password.

— Tell users that passwords should not be recycled. They should be

hard to guess and should not contain:

■

all the same numbers (for example, 4444)

■

sequential characters (for example, 1234)

■

personal information that can be associated with them (such as

their name, birthdate, telephone number, or social security number)

— Discourage the practice of writing down passwords. If a password

needs to be written down, keep it in a secure place and never discard

it while it is still active.

—

Tell users never to program passwords onto Auto Dial buttons. Display

phones reveal the programmed numbers.

Educate employees that hackers may try to trick them into providing

them with dial tone or dialing a number for them.

■

1-16

previous next