General discussion


Perimiter security: do you consider your PBX?

By mlayton ·
I was at a conference discussing perimiter security recently, and was amazed at what little information there was for securing a PBX. Now I know, traditionally the voice and data have been separate departments, but with the convergence of technologies, I thought the blending would be farther along then it appeared to be. So I wonder, if you are responsible for securing a network: a) do you know where all the analog ports (something necessary for a modem) within your building? b) do you know what it takes to enable/disable those ports? Do they allow incoming calls? Do you know? c)Do you know what is happening on your PBX? How it can be used for reconnaissance to get access to company information? Have you taken steps to prevent it? Do you review logs and records and would you be able to tell if such activity was happening? d) Do you apply patches to your PBX with the same zealousness of patches to your operating systems, or is it in the same configuration/firmware/software as when it was installed? e)Do you have control enough to make sure that exiting employees have their mailboxes not just terminated but removed from the system? Just wondering what the territory is like out there - is this still a big gaping hole in a network's security?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums