Security overview

Security elements with Message Networking

Security concerns for the Message Networking system include toll fraud, unauthorized reprogramming of computer systems, unauthorized access to telecommunication system by misusing the call transfer capabilities of the system or through ports meant for remote administration or maintenance, unintended disclosure of confidential information, and virus attacks. These activities result in huge telephone bills, revenue loss, administrative costs, decreased system performance, and loss of customer confidence. The various security risks faced by telecommunication systems today are described in the following sections.

Telecommunications Fraud

Toll Fraud is a significant security concern in traditional voice messaging systems. Unauthorized people use personal computers, random number generators and password cracking programs to break into the most sophisticated systems and commit frauds. Today, with the convergence of voice and data and the advent of IP Telephony, security problems are not limited to toll fraud and unauthorized access. The advancement in technology has opened up a wide array of vulnerabilities that can compromise the security of the entire organization. See Telecommunication service thefts for more information on Toll Fraud.

Internal threats

Securing a system does not begin with the system itself, but with the people and organizations that use it. In deciding who to protect the system against, one must not forget to look internally. A significant number of attacks come from within. Internal security is important to the protection of information and assets. It is easier to misuse or damage the system by physical methods than by hacking the system passwords. Employees can easily access the mailbox of another employee and pass critical and confidential information, such as passwords, to unauthorized people. It is necessary to enforce a proper security policy against such internal breach of communications.

Internet threats

Message Networking is deployed into the existing corporate LAN and is exposed to the Internet. Security is a primary concern when an organization connects its network to the Internet. Network administrators have increasing concerns about the security of their networks when they expose their organization’s private data and networking infrastructure to Internet crackers. Some of the common methods of attacks from the Internet include Internet worms, virus attacks, malicious e-mail attachments, IP spoofing, password attacks, network packet sniffers, Denial of Service attacks, and Application layer attacks. These attacks can lead to theft, and to destruction and corruption that can cause irreparable damage to sensitive and confidential information.

What you need to do

It is extremely important that system managers and administrators plan and implement the necessary security measures and ensure that:

Message Networking integrates into your existing TCP/IP network in accordance with the corporate networking policies, and the server also allows the usage of existing firewall and of corporate security policies and practices.

The network prevents exposure of potentially sensitive customer messages by using sending restrictions that provide data for you to check to ensure that there has been no unauthorized usage.

You prevent unauthorized use of the server capabilities by protecting the server with administrator and user passwords. Lengthy and random passwords minimize the possibility of hacking.

The network prevents unauthorized command-line access to the main server.

The network prevents all well known types of hacker attacks, including denial of service attacks.

The servers provide sufficient logs, like the Administrator History Log, to facilitate detection of actual and attempted unauthorized usage and identification of sources of unauthorized usage.