Home > Lucent Technologies > Communications System > Lucent Technologies BCS Products Security Handbook Instructions Manual

Lucent Technologies BCS Products Security Handbook Instructions Manual

    Download as PDF Print this page Share this page

    Have a look at the manual Lucent Technologies BCS Products Security Handbook Instructions Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 413 Lucent Technologies manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    							Toll Fraud Job Aids 
    Page F-1 Toll Fraud Warning Signs 
    F
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    F
    FToll Fraud Job Aids
    The job aids in this appendix are tools for your organization to use in securing 
    your system against toll fraud. Copy them and distribute them to your staff to post 
    or use in any other manner that meets their needs.
    Toll Fraud Warning Signs
    nCustomers or employees complain that the 800 number is always busy. 
    The busy line could even impact local Direct Inward Dial (DID) lines.
    nSwitchboard operators complain of frequent hang-ups or touch-tone 
    sounds when they answer.
    nSignificant increase in “internal” requests for “operator assistance” in 
    making outbound calls, particularly international ones.
    nUnexplained increase in long distance usage.
    nIncrease in short duration calls.
    nHeavy call volume on nights, weekends, and/or holidays.
    nStation Message Detail Recording (SMDR) shows an unusual amount of 
    short duration calls.
    nEstablished thresholds on trunk groups are exceeded.
    nSwitchboard operators note or complain about frequent calls from 
    individuals with foreign accents.
    nStaff or customer complaints of inability to enter voice mail system.
    nAny attempts by outsiders to obtain sensitive information regarding the 
    telecommunications system or calls from individuals posing as employees 
    when they clearly are not. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Toll Fraud Job Aids 
    Page F-2 Toll Fraud Warning Signs 
    F
    nSudden or unexplained inability to access specific administrative functions 
    within the system.
    nEmployees complain of difficulty in obtaining an outside line.
    nSimultaneous Direct Inward System Access (DISA) authorization code use 
    coming from two different places at the same time.
    nAn upsurge in use on DISA or other trunks.
    nUnusual increase in customer premises equipment-based system memory 
    usage.
    nUnexplained changes in system software parameters.
    nUnexplained problems related to being “locked out” of the system or 
    Personal Identification Number (PIN) changes in the voice mail system.
    nSignificant increase in calls from a single geographic area or from the same 
    Automatic Number Identification (ANI).
    nAny discrepancies in telephone bills, such as unusual calling patterns, calls 
    to international locations with which the user does not normally interact, 
    and calls for which you cannot account. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Toll Fraud Job Aids 
    Page F-3 System Security Action Plan 
    F
    System Security Action Plan
    Figure F-1. System Security Action Plan
    Educate End UsersEstablish Port Security Procedures
    Secure the Administration System Perform Security Monitoring
    The first step customers should take in
    tightening the security of their systems
    is to increase end-users’ awareness of
    the system’s security features and
    vulnerabilities.
    Develop and implement a toll fraud detection
    and reaction plan with all employees.
    Train users on remote access responsibilities
    and security procedures.
    Establish and maintain security policies
    regarding password/authorization code
    protection.
    Once you have established an effective
    Control administrative access passwords,
    and change them frequently.
    Never store administrative port numbers or
    passwords as part of a connection “script.”
    Use Remote Port Security Device to “lock-up”
    administrative ports.
    Monitor call detail records and “800 service”
    billing records for unusual activity.
    Monitor “invalid login attempt” activity levels
    on remote access and administration ports.
    Establish thresholds and monitor port and
    trunk activity levels.
    port security plan, you need to protect it.
    Management of the access into adminis-
    trative and maintenance capabilities is an
    important part of the total System Security
    Plan.System Security Monitoring plays acritical role in a customer’s overall
    security scheme. By monitoring
    system security precautions already
    taken, customers can react quickly
    to any potential threat detected. Use passwords, authorization codes, and
    barrier codes. Set them to maximum length
    Assign calling privilege restriction levels to
    users on a need-to-call basis.
    Block off-hours and weekend calling privileges,
    or use alternate restriction levels when possible.
    and change them frequently.Customers must establish security
    measures to manage and control
    access to the ports into the communication
    system. The security measures should 
    also control the calling privileges users
    will have access to. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Toll Fraud Job Aids 
    Page F-4 Top 10 Tips to Help Prevent Phone “Phraud” 
    F
    Top 10 Tips to Help Prevent Phone 
    “Phraud”
    1. Protect System Administration Access
    Insure secure passwords exist for all logins that allow System 
    Administration or Maintenance access to the system. Change the 
    passwords frequently.
    2. Prevent Voice Mail System Transfer to Dial Tone
    Activate “secure transfer” features in voice mail systems.
    Place appropriate restrictions on voice mail access/egress ports.
    3. Deny Unauthorized Users Direct Inward System Access 
    (Remote Access)
    If you are not using Remote Access features, deactivate or disable them.
    If you are using Remote Access, require the use of barrier codes and/or 
    authorization codes set for maximum length. Change the codes frequently.
    4. Place Protection on Systems that Prompt Callers to Input Digits
    Callers should be prevented from dialing unintended digit combinations at 
    prompts.
    Auto attendants and call vectors should be restricted from allowing access 
    to dial tone.
    5. Use System Software to Intelligently Control Call Routing
    Create ARS or WCR patterns to control how each call is to be handled.
    Use “Time Of Day” routing capabilities to limit facilities available on nights 
    and weekends.
    Deny all end-points the ability to directly access outgoing trunks.
    6. Block Access To International Calling Capability
    When international access is required, establish permission groups.
    Limit access to only the specific destinations required for business.
    7. Protect Access to Information Stored as Voice
    Password restrict access to voice mail mailboxes.
    Use non-trivial passwords and change passwords regularly.
    8. Provide Physical Security for Telecommunications Assets
    Restrict unauthorized access to equipment rooms and wire connection 
    closets.
    Protect system documentation and reports data from being compromised. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Toll Fraud Job Aids 
    Page F-5 Top 10 Tips to Help Prevent Phone “Phraud” 
    F
    9. Monitor Traffic and System Activity for Abnormal Patterns
    Activate features that “Turn Off” access in response to unauthorized 
    access attempts.
    Use Traffic and Call Detail reports to monitor call activity levels.
    10. Educate System Users to Recognize Toll Fraud Activity and React 
    Appropriately
    From safely using Calling Cards to securing voice mailbox passwords, 
    users need to be trained on how to protect themselves from inadvertent 
    compromises to the system’s security. 
    						
    							Special Security Product and Service Offers 
    Page G-1 Remote Port Security Device (RPSD) 
    G
    BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    G
    GSpecial Security Product and Service 
    Offers
    Remote Port Security Device (RPSD)
    The Lucent Technologies RPSD1 offers enhanced protection for dial-up data 
    access. Communications systems typically consist of a mix of digital PBXs, voice 
    mail systems, and adjunct applications computers. Dial-up ports on these systems 
    provide remote access for maintenance and administration support. They also 
    provide potential access to the hackers or thieves who use easily obtainable 
    computers and software to gain unauthorized access to your systems.
    NOTE:
    Since the RPSD contains a Data Encryption Standard (DES) algorithm, its 
    use outside the United States and Canada is prohibited by law.
    Once a hacker gains access to your systems, he or she can explore sensitive 
    information, disrupt voice and data communications, and manipulate software 
    applications. This access can result in unauthorized use of network facilities and 
    the theft of long distance services.
    While effective system security management can usually stop the hacker, the 
    Lucent Technologies Remote Port Security Device (RPSD) gives you a 
    state-of-the-art single channel protection system that enhances your ability to 
    prevent unauthorized users or hackers from accessing your system’s dial-up 
    communications ports.
    1. The RPSD is compatible with: the DEFINITY ECS, DEFINITY Communications Systems, 
    System 75 (V2 or higher), System 85 and DIMENSION PBX Systems; the AUDIX, 
    DEFINITY AUDIX, and AUDIX Voice Power Systems; and all System Management 
    products. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Special Security Product and Service Offers 
    Page G-2 Remote Port Security Device (RPSD) 
    G
    Dial-up ports provide access to data networks and computers that contain critical 
    data and software applications. While these ports help to improve productivity and 
    increase customer satisfaction, they also provide potential access to hackers.
    The Key and Lock use a sophisticated dynamic challenge/response technique to 
    assist you in preventing unauthorized access to your administration and 
    maintenance ports. The Key and Lock authentication process is as follows: The 
    Lock answers the incoming call destined for the dial-up modem port. It generates 
    a dynamic challenge, unique to every call, and transmits it to the RPSD installed 
    at the calling end. The Lock and Key must be initialized with the same secret 
    encryption key value. This secret encryption key has approximately 70 quadrillion 
    combinations. 
    When the RPSD Key receives the challenge, it generates a response using the 
    secret encryption key. It then transmits the expected response back to the RPSD 
    Lock. If the RPSD lock successfully authenticates the response, it provides 
    ringing to the terminating modem and the call completes. The RPSD terminates a 
    call immediately if any step in the challenge/response authentication process is 
    not completed successfully.
    The RPSD helps to: 
    nprotect remote locations that communicate with a central network via 
    dial-up lines
    nsafeguard companies that remotely administer PBX and voice mail 
    systems
    nensure that critical network routing information and PBX feature 
    translations are not compromised
    ncontrol access of dial-up ports by remote maintenance or service personnel
    Key and Lock Features
    nUses randomly-generated encrypted data to perform Key/Lock 
    authentication handshake.
    nTime of Day/Day of Week restrictions can control Key access to Locks. 
    Each user profile can have up to 14 restrictions set.
    nHistory Logs provide audit trails of the last 500 administrative changes, 
    accesses, and failures.
    nSystem Administration provides menu-driven commands with on-line help 
    and security options for administrative access.
    nSelf-check and built-in diagnostics enable simple and fast problem 
    diagnosis.
    nA Power Monitor Circuit allows you to fail or bypass calls to the Lock during 
    a power failure. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Special Security Product and Service Offers 
    Page G-3 Security Audit Service 
    G
    nAn Alarm Contact Closure interface is provided to generate an alarm when 
    the Lock loses power.
    Lock and Keys work with all data communications protocols.
    Lucent Technologies Support
    Lucent Technologies provides RPSD Keys to their maintenance centers to 
    accommodate access to systems you secure with the RPSD Lock.
    For more information on the RPSD, see the 
    DEFINITY Communications Systems 
    Remote Port Security Device User’s Manual
    , 555-025-400.
    Security Audit Service
    The Lucent Technologies Security Audit Service is a fee-based, consultative 
    service that provides a security evaluation of a customer’s telecommunications 
    system. The Security Audit is conducted by a team of experts from Lucent 
    Technologies’ World-Class Service Center (WCSC). The process starts with a 
    preliminary telephone interview. This is followed by an on-site (or remote) security 
    audit of the equipment, followed by an analysis of system vulnerability and written 
    recommendations for increasing security.
    For more information, contact your Lucent Technologies representative.
    Lucent Technologies HackerTracker
    Lucent Technologies HackerTracker alerts you to abnormal calling activities. You 
    can program the software to continually monitor all incoming calls and watch for 
    hallmarks of hacker activity. Call detail activity is marked against a set of 
    pre-established threshold criteria, and if these thresholds are exceeded, alarms 
    and alerts are sent to designated security system administrators. HackerTracker 
    is designed to work in conjunction with Lucent Technologies’ Call Accounting 
    System (CAS Plus Version 3).
    For more information, call 1 800 521-7872. 
    						
    							BCS Products
    Security Handbook  
    555-025-600  Issue 6
    December 1997
    Special Security Product and Service Offers 
    Page G-4 Security Tune-Up Service 
    G
    Security Tune-Up Service
    The Security Tune-Up Service is a fee-based, consultative service designed to 
    provide an expedient, on-line review of your system security as it relates to toll 
    fraud. This service is provided for the DEFINITY ECS, DEFINITY 
    Communications Systems G1, G2, and G3, the DIMENSION PBX System, 
    System 75, System 85; and the AUDIX, the AUDIX Voice Power, the DEFINITY 
    AUDIX, and the I
    NTUITY AUDIX Voice Messaging Systems.
    Customer Support Engineers, specializing in security, will remotely access your 
    system, analyze the potential risks in the system, and optionally implement 
    agreed-upon changes to secure the system.
    For more information, call 1 800 643-2353. 
    						
    All Lucent Technologies manuals Comments (0)

    Related Manuals for Lucent Technologies BCS Products Security Handbook Instructions Manual