Best practices to prevent unwanted use of your PBX phone system.

Mike's PBX tech help.It is quite common to hear of someone whose companies' phone system was breached and used to make numerous calls at the owner's expense. Most of the time these calls are international, with charges that accumulate quickly and the whole event can occur fast. Many times these events happen in the evening when employee use is either low or non-existent. Here are some tips to help avoid your PBX phone system from being used for these types of uses.

 

Mike's 10 Tips for Better PBX Security.

 

Tips to use to help avoid unwanted use of your PBX phone system..

The following tips will make it much more difficult to access a PBX from an outside source.

  1. If your company does not does not make International calls then request your dial tone provider to disable International calling or implement a block of International calling within your PBX.
  2. Disable outbound or inbound call redirects and/or extension transferring to an outside long-distance or International number.
  3. Change default passwords for access to your PBX and then use a frequent mandatory change of passwords. Never make the password for an extension as the extension number.
  4. Regularly delete or disable any unused phone numbers or extensions.
  5. For VoIP systems use a firewall and only allow VoIP/IP access to pre-authorized known IP addresses.
  6. Use Fail2ban or limit the number of attempts allowed when accessing the PBX, voicemail or other entrance points. After the limit of attempts are made unsuccessfully access will be denied.
  7. Keep your system updated (firmware) and patched for the latest security updates.
  8. Use non-standard ports.
  9. Regularly check your call records and billing information for any suspicious activity.
  10. Limit access to physical equipment and maintenance ports on the PBX.