A BtL fraud solution can provide three types of monitoring:
Call Monitors – Display user-defined lists of calls in chronological order.
Alarms – An alarm triggered by user-defined telephonic events, to provide you with instant notification of telecom usage that may adversely impact or effect the running of your voice systems.
Threshold Alarms – Allow set your own warning levels (60% – 90%) that trigger before the actual alarm level is breached.
Common Best Practice Recommendations
Use the maximum length of PIN allowed on your system (minimum 6 characters)
Implement a policy of regularly changing your PINs
Never share or divulge PINs
Delete all unused mailboxes on your system. Often PINs aren’t changed and mailboxes are left unused
Unless absolutely necessary, don’t allow extension users to divert their numbers away from the telephone system as this facility is extremely open to abuse. As a minimum this type of facility should be restricted to specific users and not offered globally, and there should be restrictions on the numbers that can be dialled.
DISA – Direct Inward System Access
This is an old technology but is still in use, and it’s a favoured entry method for hackers. If possible, DISA should be replaced by newer technologies like DDI.
Trunk-to-Trunk transfer restriction
Where possible, limit the users that are allowed to perform trunk-to-trunk transfers and restrict trunk-to-trunk transfer from automated devices like ACD, IVR or voicemail.
Call Barring and Toll Restriction
This can be applied on the phone system on a per extension basis or globally at a line level. In both cases these restrictions should be as tight as possible. If an extension user has no reason to make international calls then put a restriction in place. If no-one needs to call premium rate numbers then put a line level call bar in place. Where only a small number of people need access to these destinations solutions can be put in place so to override the global restrictions in a safe and controlled manner.