S 4.10 Password protection for PBX terminals

Initiation responsibility: PBX officer; IT Security Management

Implementation responsibility: IT-user

Terminals, especially telephones, can often be provided with password protection. When password protection is enabled, user facilities such as call diversion, follow-me call forwarding, etc. will be available only after entry of the password. Without knowledge of the password it is normally only possible to make in-house calls. Use should always be made of this form of password protection in order to prevent abuse of these facilities.

Additional controls:

• Can PBX terminals be provided with password protection?
• Have the users been briefed on the password protection option?
• If so, is use made of this option in practice?