This topic describes ways to use system administration tools to minimize the possibility of telecommunications toll fraud on your system. It offers safeguards that make it harder for an unauthorized user to penetrate the messaging system.
Toll fraud is the unauthorized use of a company's telecommunications service. It occurs when people misdirect their own telecommunications charges to another person or business.
For messaging systems, toll fraud consists of using the system and messaging software to complete a toll call through a networked switch.
There are several ways that unauthorized users might attempt to breach your system, including:
Unauthorized system use
An intruder accesses your system and creates a mailbox or uses messaging functionality.
Unauthorized mailbox use
An intruder discovers how to access a particular mailbox, perhaps by:
Unauthorized use of outcalling call delivery
Fraudulent call transfer
An intruder makes use of the transfer to extension (*T) feature by transferring to the first few digits of a trunk access code.
To minimize the risk of unauthorized system use, follow the guidelines for your voice mail (vm) and messaging system administration (sa) logins, including the Password Aging feature. Provide additional protection for your system with Avaya's Access Security Gateway (ASG) option.
The following aspects of password management affect the security of your system:
When your system is installed, both the sa and vm logins come with a default password. You are required to change this password immediately. Use the procedures in Changing Passwords to make this change.
Passwords must comply with certain minimum standards. These standards are described in Guidelines for Passwords.
Password aging ensures that administration passwords are changed at reasonable intervals by causing passwords to expire after a set period of time. Use password aging for administrative logins to reduce the danger of unauthorized system access.
You can change password aging by starting at the Communication Manager server SAT Command Line Interface and entering change password <login_name>. The items and their operation are described in Changing a System Password or Password Aging.
The Access Security Gateway (ASG) feature is an optional authentication interface that you can use to secure the vm and sa logins on the Communication Manager server. Whenever a dial-up port user begins a session on the system for purposes of administration or maintenance, the user must enter a valid login ID. If the ASG interface is activated, the system issues a numerical challenge. In order for the user to access the Communication Manager server and messaging administration and maintenance features, the user must enter the correct numerical response. By activating the ASG feature, you can reduce the possibility of unauthorized remote access to the system.
You administer ASG parameters to specify whether access to the system requires ASG authentication. See the Communication Manager server documentation for appropriate administration and login procedures.
A trusted server is a computer or a software application in a domain outside of messaging. A trusted server uses its own login and password to launch an MCAPI (Message Core Application Programming Interface, formerly called Avaya INTUITY Messaging Applications Programming Interface or IMAPI) LAN session and access messaging mailboxes.
Trusted servers can access and manipulate a message just as the messaging application can do. See Overview of Activating Internet Messaging for in-depth discussions and definitions of trusted servers, domains, and integration of email and other trusted server software with messaging.
The trusted server can do everything to a user mailbox that a messaging user can do. You must administer a password that the trusted server application uses to request a connection to the messaging server.
The two trusted server screens are Trusted-Server Profile and MCAPI-Password. See Activating Internet Messaging for trusted server and MCAPI administration information.
To prevent unauthorized access through MCAPI into your system from an external source such as a trusted server, you must administer an MCAPI password that the trusted server uses to connect to messaging. The MCAPI password is another layer of security. It prevents an unauthorized source from starting an MCAPI session.
We recommend that you change MCAPI passwords on a regular basis, for example, monthly. If you set your administrator's password to age automatically, the system prompts you to change your password. You can also use this prompt to remind you to change the MCAPI password.
Messaging allows the transmission between domains of two message components, text (email) and binary (software) file attachments. When used with a messaging system, Message Manager also supports these message components. These components introduce the possibility of a computer virus being embedded in a file attachment. While the messaging system cannot be infected with viruses embedded in these software files, client machines may become infected when a subscriber opens or launches an infected binary file.
Messaging does not perform any virus detection. Your company should carefully evaluate the security risks of file attachments and make provisions for virus detection software on personal computers running an email application or Message Manager. Your PC/LAN administrator probably has experience in detecting and preventing the transmission of software viruses. Your PC/LAN administrator may also know the minimum requirements that the messaging server and email server must meet to be allowed on the company network at all.
At a minimum, you should advise your subscribers that file attachments should be detached (not launched) and scanned for viruses before use.
One type of voice mail fraud occurs when an unauthorized user obtains the mailbox password and changes both it and the greeting. The unauthorized user then uses the mailbox for nonbusiness purposes. This use can be expensive if access is gained to the voice mail system through a 1-800 or 1-888 number.
When you administer the system and subscribers' mailboxes, perform the following tasks to prevent unauthorized use:
To block break-in attempts, administer your system so that the allowed number of consecutive unsuccessful attempts to log in to a mailbox is low. Administer this number on the Administer System Attributes and Features page (Under Messaging Administration, select System Administration).
Deactivate unassigned mailboxes. When an employee leaves the company, remove the subscriber profile and, if necessary, reassign the mailbox.
Do not create mailboxes before they are needed.
Require passwords to be long. The minimum required length is at least one digit greater than the number of digits in subscribers' extension numbers. Subscribers can have passwords of up to 15 digits for maximum security.
Force subscribers to change the default password the first time they log in to the messaging system. Changing the default password ensures that only the subscriber has access to his or her mailbox, not someone else who enters a subscriber's extension number and then enters #. To ensure that new subscribers change their passwords immediately, administer the default password to be fewer digits than the minimum password length.
Administer password aging on the System Parameters Features screen. Password aging requires subscribers to change their password at a predefined interval. Password aging enhances overall system security and helps protect against toll fraud by making the messaging system less vulnerable to break-ins.
To minimize the risk of unauthorized access to messaging mailboxes, ensure that your subscribers follow these guidelines for messaging passwords:
Never have a personal greeting state that the called extension will accept collect calls or third-party billed calls. If people at your company have this kind of greeting, require that they change the greeting immediately.
Never use obvious or trivial passwords, such as a room number, employee identification number, social security number, or easily guessed numeric combinations.
Discourage the practice of writing down passwords, storing them, or sharing them with others. If a subscriber insists on writing down a password, advise the subscriber to keep the password in a secure place and never discard it while it is active.
Never program passwords onto telephone auto dial buttons.
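The mailbox password rules above (minimum length one digit longer than the extension, 15-digit maximum, a default password too short to pass so that first login forces a change, no trivial patterns, and a low lockout threshold) can be modelled as a checker. This is an added example, not Avaya code; the lockout threshold of 3 and the "trivial pattern" heuristics are assumptions.

```python
# Added example (not Avaya's code): a model of the mailbox password rules this
# page recommends, plus a per-mailbox counter for consecutive failed logins.
# The lockout threshold and the trivial-pattern heuristics are assumptions.

MAX_PASSWORD_DIGITS = 15          # from the page: passwords of up to 15 digits


def min_password_length(extension: str) -> int:
    """Minimum length: at least one digit more than the extension number."""
    return len(extension) + 1


def is_trivial(password: str) -> bool:
    """Reject easily guessed digit patterns (assumed heuristics)."""
    if len(set(password)) == 1:                      # 1111, 0000
        return True
    digits = [int(c) for c in password]
    steps = {b - a for a, b in zip(digits, digits[1:])}
    return steps in ({1}, {-1})                      # 1234, 9876


def check_password(password: str, extension: str) -> list[str]:
    """Return the rule violations for a candidate password (empty = OK)."""
    problems = []
    if not password.isdigit():
        return ["password must be numeric"]
    if len(password) < min_password_length(extension):
        problems.append("shorter than extension length + 1")
    if len(password) > MAX_PASSWORD_DIGITS:
        problems.append("longer than 15 digits")
    if extension in password:
        problems.append("contains the extension number")
    if is_trivial(password):
        problems.append("trivial digit pattern")
    return problems


class MailboxLockout:
    """Count consecutive failed logins per mailbox; lock at a low threshold."""

    def __init__(self, max_attempts: int = 3):
        self.max_attempts = max_attempts
        self.failures: dict[str, int] = {}

    def record(self, extension: str, success: bool) -> bool:
        """Record one attempt; return True if the mailbox is now locked."""
        if success:
            self.failures[extension] = 0
            return False
        n = self.failures.get(extension, 0) + 1
        self.failures[extension] = n
        return n >= self.max_attempts
```

A short administered default such as 0000 fails check_password for any four-digit extension, which is exactly what forces the subscriber to choose a new password at first login.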
If a subscriber receives any suspicious messages or tells you that her or his personal greeting was changed, or if for any other reason you suspect that your messaging system is being used by someone else, contact Avaya Corporate Computer and Network Security, which is described in Avaya Toll Fraud Crisis Intervention.
Once users transfer to dial tone, they can dial a trunk access code (TAC), feature access code (FAC), or extension number. If the system is not properly secured, thieves can make fraudulent long distance calls or request a company employee to transfer them to a long distance number.
Fraudulent transfers can be minimized by administering features and options in messaging and on the Communication Manager server.
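One way to model the transfer restriction described above, as an added example rather than Avaya's own implementation: a *T transfer target is accepted only if it is an assigned subscriber extension, and anything that begins with, or is a leading fragment of, a trunk or feature access code is refused. The dial plan values and the repeated-rejection threshold are constructed assumptions.

```python
# Added example (not Avaya's code): a transfer-target filter for the transfer
# to extension (*T) feature, and a check for sessions that repeatedly try
# rejected targets. All dial plan values below are constructed sample data.

SAMPLE_EXTENSIONS = {"5101", "5102", "5250"}   # constructed subscriber extensions
SAMPLE_TACS = {"9", "8", "700"}                # constructed trunk access codes
SAMPLE_FACS = {"*70", "#9"}                    # constructed feature access codes


def overlaps_access_code(target: str, codes: set[str]) -> bool:
    """True if target starts with a code or is a leading fragment of one."""
    return any(target.startswith(c) or c.startswith(target) for c in codes)


def transfer_allowed(target: str, extensions=SAMPLE_EXTENSIONS,
                     tacs=SAMPLE_TACS, facs=SAMPLE_FACS) -> tuple[bool, str]:
    """Decide whether a *T transfer to `target` may be completed."""
    if not target.isdigit():
        return False, "non-digit characters in transfer target"
    # Refuse partial or full access codes before consulting the extension list,
    # so a dial plan where an extension collides with a TAC is caught, not allowed.
    if overlaps_access_code(target, tacs) or overlaps_access_code(target, facs):
        return False, "target overlaps a trunk or feature access code"
    if target not in extensions:
        return False, "target is not an assigned subscriber extension"
    return True, "ok"


def suspicious_sessions(attempts, threshold: int = 2) -> set[str]:
    """Return caller ids whose rejected transfer attempts reach the threshold.

    `attempts` is an iterable of (caller_id, transfer_target) pairs, e.g.
    reconstructed from the messaging system's call detail or activity log.
    """
    rejected: dict[str, int] = {}
    for caller, target in attempts:
        if not transfer_allowed(target)[0]:
            rejected[caller] = rejected.get(caller, 0) + 1
    return {c for c, n in rejected.items() if n >= threshold}
```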