One of the key areas many companies overlook when it comes to information security is their phone system.  Not only will a compromised phone system provide a hacker with the ability to eavesdrop on company confidential information or to disrupt your communications by reconfiguring the system, but it can also cost a company a lot of money. 

Compromised PABXs are often used by criminals to provide them with free long distance call facilities and rack up huge phone bills for the target company.  An interesting article on this issue appeared in SiliconRepublic.com with some insight into this crime provided by Paul Gillen, Head of the Garda Computer Crime Unit.

If you have a PABX in your company take these simple steps to help minimise your exposure ot this crime;

1. Make sure no default passwords are set on your PABX.
2. Regularly change the admin passwords on your PABX.
3. Regularly review your phone bills to identify any unusual activity.
4. Regularly review your log files to identify any unusual activity.