Our clients include government departments, banks, law firms, listed companies and small business.
Below are three examples of telephone security audits:
Top 10 Australian Law Firm
This client had good internal security procedures but was unaware that the telephone system they were using had two vulnerabilities known to hackers rendering their security processes invalid. We penetrated the system and made recommendations which were promptly implemented. The manufacturer has not published software fixes for the vulnerabilities, which is all too common in the telecommunications industry, but for the first issue we were able to change a process without impacting on system useability and for the second we added an external piece of hardware to protect the system. Unlike the IT industry the telephone system industry does not regularly publish security patches or have established methods for communicating vulnerabilities to clients.
Previously Hacked International Company
This company was hacked in 2004 at a cost of $70,000 in fraudulent toll calls which their telephone service provider demanded payment for. The company spent a great deal of time and effort with their existing telephone system maintainer addressing security vulnerabilities and felt confident the issues were resolved. The client asked Telecom Security to test their security and we were able to penetrate their systems. Although the telephone system maintainer had done their best they were not security experts and had left a range of vulnerabilities open. This client’s systems are now secure.
Melbourne Company
This audit also identified non-security related usage and configuration problems. We penetrated their voicemail system and made a number of important security recommendations for securing this system and preventing toll fraud. In addition, by war dialling their indial range, we highlighted that most of their staff did not have correctly set up voicemail messages and in a number of cases mailboxes contained test messages. The voicemail system had been in place for some time and had become little used. We provided specific recommendations for reintroducing this system to the staff, selling the benefits and thereby maximising the return on the investment the business had made in the system. Our client was extremely pleased with this result. Their systems are now secure.For case studies of Telecom Guard PABX firewall, fault monitoring and real time toll fraud monitoring click here.