Switch Security

The only tool a criminal needs to breach an inadequately secured system is a touch-tone telephone. If criminals can gain access to an inside dial tone, they will attempt to gain access to an outside line by using normal switch functions such as:

Automatic Routing System (ARS) access codes

Pool Access Codes

Someone, somewhere, has read the switch features and administration books and passed the information around.1 If a criminal discovers a way to breach your system, they will pass that information around too. They can run up thousands of dollars of fraudulent calls in just a few hours. All security restrictions that prevent transfer to outside lines by unauthorized persons should be implemented.

Security Tips

To help prevent toll fraud at the switch, follow these guidelines:

Assign toll restrictions to voice messaging system and automated attendant ports.

If you do not to use the outcalling features of the voice messaging system, restrict the outward calling capability of all voice ports.

Use a dial plan that does not allow extensions beginning with the same digits as ARS, TAC, or verification and test codes.

Inform all system operators that they are not to dial outside calls. Request that operators report all attempts to bypass switch restrictions to the telecommunications department for repairs or to the corporate security office for investigation.

Restrict the numbers for outcalling and AMIS with a disallowed list.

1.They already know about everything described here.

A-2Issue 2.0 December 1995

Page 120
Image 120
AT&T 585-310-231 manual Switch Security, Security Tips