MERLIN LEGENDCommunications System Release 6.1 | Issue 1 |
System Planning | August 1998 |
|
|
ACustomer Support Information
Other Security Hints | Page |
Choosing Passwords | 1 |
|
|
Passwords should be the maximum length allowed by the system.
Passwords should be hard to guess and should not contain:
■All the same numbers (for example, 1111, 666666)
■Sequential characters (for example 123456)
■Numbers that can be associated with you or your business, such as your name, birthday, business name, business address, telephone number, or social security number.
■Words or commonly used names.
Passwords should be changed regularly, at least on a quarterly basis. Recycling old passwords is not recommended. Never program passwords (or authorization codes or barrier codes) onto a speed dial button.
Improving Physical Security | 1 |
You should always limit access to the system console (or attendant console) and supporting documentation. The following are some recommendations:
■Keep the system console and supporting documentation in an office that is secured with a changeable combination lock. Provide the combination only to those individuals having a real need to enter the office.
■Keep telephone wiring closets and equipment rooms locked.
■Keep telephone logs and printed reports in locations that only authorized personnel can enter.
■Design distributed reports so they do not reveal password or trunk access code information.
■Keep the voice messaging system Remote Maintenance Device turned off.
Limiting Outcalling | 1 |
When Outcalling is used to contact subscribers who are
If the Outcalling feature will not be used, outward restrict all voice messaging system ports. If Outcalling will be used, ports not used for Outcalling should be Outward Restricted (for MERLIN MAIL Voice Messaging Systems, port 2 on a
