PARTNER® Advanced Communications System
Appendix A: Security Notification and Checklist
SECURITY NOTIFICATION DOCUMENT
AVAYA Inc.
And
_______________________________________________________________
I.Introduction
The PARTNER ACS 1600 DSL module adds the ability to make Internet connections to your business. Internet connections pose inherent risks. This notification, and the associated checklist, are intended to help business owners recognize and minimize those risks.
There are three separate areas of concern to be considered: the ability of an unknown internet user to access your data, the need to control access to router configuration tables, and the need to store router configuration values for recovery from a catastrophic failure. Those three areas of concern are addressed in the checklist.
II. Roles and Responsibilities
The purchase of a converged communications system is a complicated process involving many phases including vendor selection, equipment selection, design, ordering, implementation, and systems assurance testing. Throughout each of these phases, customers, manufacturers, and service providers each have specific roles and responsibilities.
As a manufacturer, Avaya Inc. acknowledges the following responsibilities:
•Develop a system that can provide robust barriers against fraudulent entry.
•Provide information to customers and service providers about the default state of various points of entry. When appropriate, these entry points will be defaulted to a secure state.
•Provide clear warnings in product documentation, and address security issues in training classes and training materials.
The service provider must accept the following responsibilities:
•Educate the customer/purchaser on security risks in specific products and applications.
•Educate the customer/purchaser on available methods for minimizing risks, and costs associated with implementing those solutions when appropriate.
Appendix A: Security Notification and Checklist
52