In light of security gaps in call centers, which may lead to “attack” or fraud incidents, VEDICOR suggests:
- De-activate installed access codes in the PBX maintenance ports.
- Periodical alteration of access codes in PBX maintenance ports through certified mechanisms.
- Select codes of at least 7 digits, with a combination of letters, numbers and symbols.
- Each device must have an independent password and no extensions.
- Install / Activate incoming and outgoing file logs (CDR logging software).
- In case the PBX is not required to connect to the internet, deactivate it. If the center needs to be connected to the internet, it is advised to use Firewalls.
- In case it is deemed necessary, it is advisable to reduce the IP sources that can access the center’s open boxes.
- In the case of IP PBX, we allow access only from specific terminals.
- Cautiously manage authorized codes to halt outgoing calls.
- Customize the equipment in a way that no connection to external nets, call forwarding etc. is allowed, unless it is so determined for the operations of certain users.
- Deactivate call forwarding to telephone numbers abroad. Create groups in the telephone center, with specific capabilities, depending on the needs.
- Deactivate “allow guest” in the SIP configuration.
- Activate distant access capability only when necessary, otherwise keep it deactivated.
- Notify users on potential hazards.