When workplaces across the country shut down and employees started working remotely during the pandemic, leaders faced an increase in cyber and physical threats to their business. One CNBC survey found that more than one in three executives experienced a spike in cyberthreats to their systems. In addition, officers with the Seattle Police Department said the number of reports of burglaries of local businesses had nearly doubled during the first month of the stay-at-home order.
Business leaders have been left to protect their networks and physical office spaces, while also adapting their operations and processes to be efficient in a fully remote setting. Now, as economies and businesses reopen and take steps toward the new normal, they have a new perspective on security and the measures to take to safeguard their team and resources.
Knowing how to best protect against telecom fraudsters can be challenging. And while threats come from the outside, the solution must come from within. In this blog, we aim to offer businesses and service providers a refresher on network security best practices to protect against telecom fraud.
Enforce safe password practices
This might seem like a no-brainer but requiring strong passwords for all devices connected to a network is key to protecting against telecom fraud. This includes creating passwords for control access, devices taken off-company premises, and remote access networks. A best practice is to utilize complex passwords and update them regularly (i.e. every 90 days).
Know the access points and train employees
A network is only as secure as the least safe device that connects to it. Periodically taking inventory of devices allows security teams to better identify suspicious activity and maintain an updated and secure system. It also provides a way for companies to understand the access points and identify the weakest links, which helps inform strategy on how to strengthen vulnerable areas.
Once the access points are understood, companies should continuously review policies and implement training programs for employees, so that devices stay current with the most up-to-date security protocols. Part of this is ensuring that the email addresses and tools in place are being used by team members. If they aren’t in use, they can be considered a red target and can be potential liabilities if teams do not get rid of them.
Set and define calling parameters.
This includes setting a maximum default rate for outbound calls and creating call limits in a destination whitelist. For background, a destination whitelist acts as a guide explicitly defining the regions or numbers that can be called, regardless of defined outbound rates.
By defining parameters and setting a maximum outbound rate, the business has total control to block any calls that try to connect to a destination outside of the approved parameters. These parameters may differ for every company and can be altered as calling needs and traffic patterns change. Defining regions or numbers on this list will set security parameters that prevent charges from accruing if there is a breach or the network is hacked.
Implement STIR/SHAKEN
Another best practice is taking the time to learn about the SHAKEN/STIR protocols. Your carrier will likely have already adopted this authentication protocol, but it is still helpful to educate yourself on its capabilities and standards. Ask your mobile and landline carriers which protocols they have in place to digitally identify fraudulent orders placed on your behalf and ask if there are steps you can take to comply.
Enable IP-based authentication for outbound calls.
If a company’s phone system has a static IP address, consider setting up verification filters for outbound calls to further secure the account. This will restrict access to telephony resources from an internal IP address, allowing only users with the correct authorization to place calls or send messages on the network. If the network requires multiple mobile users logging on from dynamic IP addresses, consider creating a blacklist of IP addresses that have been identified as potential hackers.
Monitor and audit
Auditing ensures that the precautions a company has in place are functioning properly, maximizing efforts to protect the weakest links in the network. We recommend a yearly audit of PBX systems on public IP addresses to ensure fraud controls are still aligned with traffic patterns. In addition, we recommend regular monitoring (i.e. threat scanning) be conducted throughout the year.
Bad actors are always waiting to attack and are constantly evolving their means of doing so. Companies that implement some of these basic telecom and network security precautions will be better suited to fight off threats and maintain secure network connections. As you apply these guidelines and educate employees in telecom security best practices, your business will benefit, and you will prevent severe fallout from an attack.
