Protecting your Business against Toll Fraud
They’re called hackers. They sell information between themselves and they cost businesses millions of dollars each year.
They use weaknesses in corporate Call Server/PBX/Key System programming for personal gain at the (considerable) expense of the victims, and your system may be their next target. So what can you do to protect your system from toll fraud?
What should you do as the owner of a PBX system to protect yourself from fraud?
Decide what you need from your system
PBXs can restrict calls by numbers, time of day, country codes, etc. You, the owner, must decide what suits your business and what procedures and policies need to be in place to keep the system secure.
When key communications or administration staff leave, does the system get checked? Stay vigilant and suspicious, and keep records.
Monitor your call costs and destinations
Know what your calls are costing. The marketplace offers telephone accounting and control systems of varying complexity and cost. Simpler systems keep records and might calculate call costs. More complex systems control the PBX security and provide alerts with inbuilt, programmable toll fraud detection systems. Know of irregularities well before the monthly phone bill arrives with any bad surprises. Ask your installer or service provider what steps to take if you suspect toll fraud.
Lock down the outgoing destinations
Your PBXs have multiple powerful measures that can restrict calls entirely to within the local system.
Call your installer or service provider and jointly review what numbers are allowed and barred in your system. Adopt the philosophy of initially barring all outside calls and only opening up to places that are requested or approved, and keep records. This approach allows all the new services being added by carriers to be automatically excluded until they are specifically allowed. Forwarding calls to mobiles can be barred unless allowed to specified numbers. Use a quality process where positive action is in place to review each request.
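The bar-everything-then-allow approach described above, combined with a time-of-day restriction, can also be checked against call records after the fact. The following is an added example, not code from BTC or any PBX vendor; the prefixes, business hours, record fields and function names are assumptions, and the call records are constructed.

```python
from datetime import datetime, time

# Constructed policy: every destination is barred unless its prefix is listed.
ALLOWED_PREFIXES = ("1441", "4420")          # digits after '+', assumed approvals
ALLOWED_FORWARD_TARGETS = {"14415550100"}    # forwarding allowed only to these
OPEN, CLOSE = time(8, 0), time(18, 0)        # assumed business hours, Mon-Fri

def normalize(dialed):
    """Keep digits only, so '+1 441 555 0100' becomes '14415550100'."""
    return "".join(ch for ch in dialed if ch.isdigit())

def evaluate(call):
    """Return the policy violations for one call record (empty list = allowed)."""
    dest = normalize(call["dest"])
    reasons = []
    if call["forwarded"]:
        # Forwarded calls need an exact match, not just an approved prefix.
        if dest not in ALLOWED_FORWARD_TARGETS:
            reasons.append("forward target not approved")
    elif not dest.startswith(ALLOWED_PREFIXES):
        reasons.append("destination not on allow list")
    start = datetime.fromisoformat(call["start"])
    if start.weekday() >= 5 or not (OPEN <= start.time() < CLOSE):
        reasons.append("call placed out of hours")
    return reasons

def audit(records):
    """Group violations by extension so each one can be reviewed with its owner."""
    findings = {}
    for call in records:
        reasons = evaluate(call)
        if reasons:
            findings.setdefault(call["ext"], []).append((call["dest"], reasons))
    return findings

# Constructed call records; +999 is not an assigned country code (stand-in value).
CDRS = [
    {"ext": "201", "dest": "+1 441 555 0123", "start": "2024-03-04T10:15:00", "forwarded": False},
    {"ext": "201", "dest": "+44 20 7946 0000", "start": "2024-03-04T11:00:00", "forwarded": False},
    {"ext": "305", "dest": "+999 5550 1000", "start": "2024-03-09T02:30:00", "forwarded": False},
    {"ext": "410", "dest": "+1 441 555 0100", "start": "2024-03-04T09:00:00", "forwarded": True},
    {"ext": "410", "dest": "+1 441 555 0199", "start": "2024-03-04T09:05:00", "forwarded": True},
]

if __name__ == "__main__":
    for ext, items in audit(CDRS).items():
        for dest, reasons in items:
            print(f"ext {ext} -> {dest}: {'; '.join(reasons)}")
```

Because the allow list is the only way through, a destination that nobody has reviewed is reported by default instead of being silently permitted.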
Control physical security
Determine how secure your PBX or computer switch room is. If anyone can walk in without being noticed or questioned, you may be the next victim of a more direct form of toll fraud attack. Provide escorts where necessary. Keep sensitive details such as passwords and network diagrams out of sight.
Change codes and authorizations
Delete employee authorization codes when they leave your company. If they bear any ill will, they may use or sell the important codes as a means of getting revenge. Secure the passwords of your own company and your clients.
Document a plan of action
Develop a formal action plan as a “toll fraud counter-measures” policy in your company. Have procedures worked out to know who to contact (the company, the installer, the carrier, the users) for emergencies and what short-term actions need to be taken. Work out what facilities can be cut in emergencies until security is restored.
Periodic auditing
It is prudent to have PBXs audited at regular intervals to check for security weak points and how well the programming suits the needs of the company. Investigate the features of newer releases with your supplier.
Contact a BTC Representative to Discuss Your Needs. Call 441-299-3222 or Fax 441-292-8841 8:30 am - 4:45 pm Atlantic Standard Time or e-mail: BusinessSales@btc.bm