A recent article in The New York Times has highlighted the dangers of leaving phone systems unsecured. According to the article, hackers broke into an architecture firm in San Francisco and managed to dial $166,000 of calls in a single weekend, all to premium rate numbers in countries such as Gambia and Somalia. In fact, the report says that globally last year such frauds cost businesses in excess of $4 billion.
It is a while since we warned about the dangers of such fraudulent practices. But with the clocks going back this weekend signalling the start of the run-up to Christmas it is worth reiterating the importance of phone security.
The prevalence of mobile phones means that we are perhaps slightly more aware than before about the dangers of phone theft; but when it comes to business phones, some organisations are sleepwalking into danger. However there are a few simple measures which a business can take to help to prevent fraudsters from making off with the phone bill. For a start, there is the default code with which systems are issued. Unfortunately, as with credit and debit cards, the default of 0000 or 1234 is all too often used; making it easy for potential fraudsters to break in to the system. The rule here is to change the code at the outset and then change it regularly to avoid it being passed on outside the business. Electronic door locks, security locks, even computer passwords are all on the ‘change it regularly’ list so why not phone codes as well.
Then there is the phone system itself. Is it really necessary for it to be completely open and enabled to dial every phone number everywhere? It’s quite simple, if the business doesn’t deal with customers or suppliers abroad then set the switchboard to not allow dialled calls outside the UK. Similarly, if premium rate numbers are not part of the day to day business routine then bar those too. In fact, even if calls abroad or premium rate numbers are part of business life then it might be worth restricting them to certain phones or adopting dialling pass codes which have to be used before the call can be made.
And then there are those dead times, when the office is deserted apart from the randomly flashing lights which signal that power is being used by a whole lot of machines left on or in standby mode. When the office is shut at night, weekends or bank holidays, does the phone system need to be up and running? If not, why not power it down or bar outgoing calls. In fact, when an individual is on holiday it may be worth shutting down their phones as well to prevent visitors to the office from misusing the system. And when someone is away, don’t forget to transfer their incoming calls. It can make all the difference between a satisfied or dissatisfied caller.
It is said that when thieves are determined they will always find a way but businesses can help themselves by taking a few simple precautions which will deter all but the most persistent of offenders.