Latest Posts

Latest Comments


Improving voicemail password protection


Posted by |

It is with interest that I read Ofcom’s report this week into the password habits of UK users. Though it is no surprise that some individuals are adopting passwords that are less secure, perhaps linked to their personal information, the exact statistics are startling. An alarming 26% of UK adults report using birthdays or names as passwords to access online services, with more than half of the Ofcom report’s respondents admitting to using the same password across multiple communication outlets.

As Divisional Director of a managed services provider, I am all too familiar with the dangers of ill-advised passwords. My personal experience with attempted breaches supports the statistics reported by Ofcom, with obvious and easily guessable passwords accounting for a large proportion of the security issues I am faced with. At this very moment in time, advanced software programmes will be calling hundreds of numbers per minute in an attempt to bypass PBX security systems, looking for networks to ‘hijack’ to make pricey international calls. Information about these networks is worth a lot of money, and by selling on this information the hackers can make a neat profit. And when trying to get into a corporate voicemail system, hackers will try ‘1234’ first, doing so because it has a significant rate of success.

It is therefore important that businesses take note of these latest findings. Organisations must ensure that their password policies are clear, and respected by all members of staff. Simple steps to improve password protection could be to introduce a five digit voicemail PIN instead of the traditional four – hackers won’t expect this. It may also be appropriate to reduce the number of unsuccessful attempts allowed from three to two, with these additional security measures significantly reducing the success rate of attempted breaches.

And though end-users can take steps to prevent successful breaches, it is sadly not possible to stop hackers from trying. This is where having an effective managed services provider (MSP) taking charge of your telephone system can benefit business productivity post-incident. The most proactive MSPs will automate the act of PIN resetting when users are locked out after an attempted hack, emailing users with their new PIN before they realise there has been an incident with their mailbox, while in-house PBX systems require IT staff to manually conduct this chore for each individual involved. In light of Ofcom’s report, therefore, it is important to reassess password policies. But in an age where attempted security breaches are becoming more frequent, it is also imperative that businesses look to ensure they are able to recover from such attempts as efficiently as possible.



Post a comment

Comment submitted! Comments needs approval before being displayed.