Security Alert: Scammers are holding your phones hostage for ransom

I recently read an article in the Chicago Tribune that was actually reprinted from the  LA Times (http://www.latimes.com/business/la-fi-phone-hacking-20130719,0,5710787.story). It described a nightmare similar to what some of our clients have gone through at different times over the past year.

Here is the scenario: all of a sudden (literally) all of their phone lines are taken over by a caller who is posing as a debt collection agency trying to collect on a delinquent account for an “employee”. In none of the cases was the named employee a current employee of my clients. All of the phone lines (in some cases they were SIP trunks, in other cases plain ordinary telephone lines and in two cases they were PRI running over a T1’s for a total of 46 channels) were taken over so that no calls could be received or made. The caller wanted to collect $500 or more dollars immediately. The business could pay- and then they would release the lines. In other cases, IP sets were “spoofed” and the hackers made hundreds of dollars in fraudlent calls that were billed to clients.

Can you imagine how frustrating that is? My clients were enraged. The local police were called – and were not able to do anything about the situation. The FBI Cyber Crimes unit was called – but they could do nothing about it. In each of the cases, other legitimate business numbers were faked (a.k.a “spoofed”) as the calling party.

In each of the cases,  we had to involve the carrier. Out of all of the carriers, SNET reacted the fastest. CBeyond was the most responsive with follow up. With SNET  in about 5 minutes, the nuisance calls were blocked and service was restored. In the other cases, the denial of service took over for a couple of hours. Denial of service attacks ( when hackers install programs on unprotected computers and overwhelm targeted servers) are common in the IP world. It’s a type of attack that is getting more common in the voice world as more companies adopt IP telephony (such as SIP trunks and converged circuits).

There are a few ways to protect yourself.

  1. First and foremost, either install your own Session Border Controller or make sure that your provider has an enterprise level session border controller installed on your circuits.
  2. Make sure that you know how to escalate your case through your carrier.
  3. Ensure that you have their emergency numbers on your cell phone and that you know your account information.
  4. Make sure that you have multiple authorized representatives on the account who can open and escalate trouble tickets.
  5. Know your vendors!  Emergency phone numbers, contact names and emails.
  6. If you are running your own IP equipment, make sure that it is in Stealth DMZ,  behind a firewall, that default passwords were changed and no one (even the most VIP) uses easy passwords.

In addition, the only way that this will be acted on is through involving law enforcement. The FBI Cyber Crimes unit should be notified and the incident should be reported. Helping them will give them necessary information in catching culprits. If you are an IT professional, join INFRAGARD which is a strategic partnership between the Bureau and IT professionals.

asset-the-complexity-of-it-security

Prime is Coming out of the (Phone) Closet- Cloud Computing, Cloud Phones, Cloud Business Management

We went to a seminar this past week. We followed up with some pretty intensive vendor training from our partners- and there will be more on their offerings in the coming weeks. We learned a lot- and would love to share it with you.

Here are some reasons to give serious consideration to cloud-based business services.

BYOD

The “bring your own device” (BYOD) movement is rapidly altering the business landscape. Employees want to use the power and convenience of their smartphones to access data, sales reports, and other tools to enhance efficiency. Likewise, enterprises appreciate what improved productivity generated by the BYOD movement can do for the bottom line.

Immunity From Disaster

Another major benefit of the cloud is disaster management. Cloud-based communications systems include automatic redundancy. Voice, data, and all digital information are typically routed to multiple data centers. The days of a business losing business hour-by-hour when its phone system goes down is a thing of the past. Fires, super storms, equipment failures, and even cyber-attacks are no match for the built-in redundancy of IP-based telecommunications.

Those that had embraced VoIP phones and cloud-based computing on the East Coast prior to Superstorm Sandy were often able to continue operations when others with traditional systems were down for days.

Business Management “To Go”

For business managers and executives, cloud-based operations allow them to, in fact, be “two places at once.” One can head out to an impromptu but vital sales call without worrying about what will be missed while you’re gone. The advantages of a fully integrated system go well beyond the mere ability to stay in touch via smartphones. Full, seamless integration of all company operations is possible in the cloud, and it can be done securely.

OfficeSuite is one such platform that can integrate your office phones, mobile devices, and data networks into a single system. Over 100,000 business professionals nationwide already enjoy the ease and efficiency of cloud-based communications and business management. Companies like Broadview Networks has already helped many clients to realize productivity gains through OfficeSuite’s business phone systems.

No longer want to be tethered to your office phone? Move your operations to the cloud and you will feel liberated as you can conduct essential business from anywhere at any time – and on any device.

Scalability

Phones that work over the Internet can be set up without the need for telephone installers at your premises. Better yet, as soon as you add staff or new locations, the system is readily scalable. Grow as you need to without having to spend precious capital for new equipment. As you grow, simply add new licenses for your new employees and set them up on the system in minutes.

The number of businesses around the world that will be using Internet-based phone systems is expected to double in 2013, to over 100 million. There’s a reason for this communications revolution, so see how your productivity can soar with cloud phones and cloud-based business management.

Video and Telemedicine

For businesses, bringing people together face-to-face leads to advantages like improved communication, better, faster decision making and more effective team work.

In the case of telemedicine, high-quality video conferencing can save lives. Telemedicine can mean many different things, but often it involves connecting patients in small, remote clinics to specialists in large urban health care centers.

Telemedicine makes it possible for patients who need acute, chronic or emergency care to meet face-to-face with highly-trained specialists without the expense, inconvenience and delay associated with travel. Local providers perform assessments and provide care under the guidance of the specialists.

For patients, this means improved access to high-quality care. For local clinics, it means the ability to serve more patients locally and for specialists, it means being able to efficiently deliver more care to more patients from a single, centralized location.

When Renown Health (Northern Nevada’s largest integrated healthcare network) decided to implement a comprehensive telemedicine program to serve rural residents, they evaluated solutions from a number of video conferencing vendors including Cisco (Tandberg) and Polycom. In the end, Renown selected Scopia video solutions from Avaya. The result is the highly successful R-TeleMed program, currently covering 25 specialties with more on the way.

Scopia video solutions offer a number of advantages over competing solutions. Scopia video is the only option that provides HD-quality in both the data and the personal-interaction channel. For a specialist, the ability to view a diagnostic image, for example, in HD is critically important. Scopia solutions also offer important advantages in terms of security, ease-of-use and interoperability with existing systems.

You can learn more about Avaya and Renown Health’s R-TeleMed program here.

What can Napster teach us about the consumerization of IT (BYOD)

The article was published in Forbes magazine – here is the complete link: http://www.forbes.com/sites/netapp/2012/11/07/napster-byod/ This is a guest post by Jesse Lipson, VP and GM of Data Sharing, Citrix. I think that it is a great article- exceptionally well written and concise.

 
The music industry has undergone quite a transformation over the last 15 years. Of course, we can often apply lessons from other industries to our own.

Napster

source: Rhapsody

Back in the 1990s, if I heard a song I really liked on the radio and wanted to buy it, I’d have to make a trip to the record store. After battling traffic and jockeying for a parking spot, I’d rifle through the CD selection and—if it was in stock—I’d pay $15–$20 for the privilege (even if there were just a few songs on the album that I wanted).

This was a great model—for the record labels. But for music lovers, it was inefficient and expensive. Then Napster came and changed everything.

In many ways, Napster is like the BYOD trend. Read on: I’ll tell you why and I’ll give you my top tips to avoid bringing your own security nightmare…

Bring Your Own Piracy

With Napster, if someone heard a song they liked on the radio, all they did was type the name into a search box; they could download it instantly, for free. And they could share it with their friends.

Users loved Napster, but deep down we all knew that the model wasn’t sustainable: Napster lacked a way for musicians and labels to monetize and protect their intellectual property.

To cut a long story short, all that changed in 2003, when Apple released the iTunes Music Store: It helped resolve the conflict between the old and new models of music consumption. But iTunes wasn’t quite as convenient as Napster. Downloaded songs were protected from sharing by digital rights management (DRM) and they cost 99 cents each.

However, iTunes did allow users to buy music from the comfort of their own home, while letting the music industry monetize and protect their songs. Apple was able to satisfy both parties.

Standardization vs. Cowboys

The consumerization of IT is now driving a similar transformation in enterprise hardware and software. The traditional IT model is what I call Standardization, where employees are issued company-owned mobile devices, and forced to use infrequently updated software that’s only accessible inside the firewall.

There are benefits to Standardization, but it’s increasingly untenable: Employees come to expect the same ease of use and performance from the software they use at work as they do from the software they use at home, like Facebook and Twitter.

Frustrated with the inefficiencies of the old Standardization model, many employees are embracing a new model, which I call Cowboy Consumerization. They’re buying their own phones and tablets, installing their own software to store and manage company data.

Just like Napster, Cowboy Consumerization provides users with efficiency and productivity. But also like Napster, we know that Cowboy Consumerization simply isn’t sustainable.

So how Widespread is it?

According to an August 2012 Enterprise Strategy Group report, 70% of organizations know or suspect their employees are using personal online file sharing accounts without formal IT approval.

I spoke with a group of CIOs at Citrix Synergy three weeks ago. They were seriously concerned about the security risks that personal file sharing solutions pose within their organizations.

Among their top security worries:

  • How do I protect corporate data and intellectual property if an employee leaves the company or loses their device?
  • How do I ensure compliance with, say, HIPAA or FINRA rules, if we can’t see how employees store and share corporate data?
  • How do I ensure that we’re honoring customer and partner contracts that require their data to be stored on-premises, in specific geographic regions, or with certain encryption standards?

Ultimately, IT needs to follow the example of iTunes and create a solution that combines elements of Standardization and Consumerization. There has to be a happy medium between those two models.

Here are some guidelines on how to square that circle:

  • For company-issued mobile devices, use mobile device management or mobile application management (MAM) software for application provisioning and application/device wiping.
  • For BYOD mobile devices, use a MAM solution to manage business apps on the device while letting the end user manage their own personal apps. That way, if the employee leaves or the device is lost, you can wipe just the corporate data from it.
  • Enterprise apps need to be updated more rapidly than IT typically considers acceptable. Remember, you’re competing with consumer apps like Facebook and Twitter; employees have higher usability expectations. If you can’t keep pace, consider using a cloud vendor to deliver your apps.
  • Different enterprises need to comply with different laws and regulations. Make sure that the software you adopt provides you with account-level preferences to allow you to tweak security settings. You need to meet your needs today, but also be able to revisit down the road, based on user feedback.
  • Make sure that the new tools you adopt allow you to take advantage of existing investments, such as network shares or SharePoint.

As you evaluate the right BYOD strategy, think about Napster and the importance of creating a happy medium between security and convenience.

For more information about setting up your own BYOD policies- check out our FREE VIDEO LIBRARY at http://www.primetelecommunications.com/video-library-byod-bring-your-own-device/

Infographic: 5 Keys to Mobile Video

Incorporating mobile devices into enterprise videoconferencing requires a different strategy from implementing conference room video. Our new infographic shows the top five considerations when deploying mobile video solutions in the work place.

More than 70% of organizations are planning to get video capabilities within the next year, according to a study by Network Instruments.That rise in implementations means companies need to consider video in a way that is both cost-efficient in the short term and fits with long-term communications planning.

The benefits of mobile video conferencing include faster decision-making, enhanced collaboration, and improved sales and revenue. But businesses must also consider a solution that is easy to deploy and use.

See all five key considerations in our full infographic here: 5 Keys to Mobile Video.

The Beginner’s Guide to Video

Video solutions like Avaya Scopia make it simple for people to join a video conference from any device, including smartphones, personal laptops and tablets without complex licensing agreements or firewall issues. The cost of video collaboration is coming down, and user expectations, shaped by the ubiquity of consumer video conferencing tools like MS Skype and Apple Facetime, all contribute to rising demand for corporate video solutions.

Then there are the compelling use cases: Medical centers can extend expert care to patients in remote clinics through video-linked specialists. Financial services companies can provide personal, face-to-face service to more clients in more locations. Educational institutions can expand their classrooms to reach more students and to enrich the experience for those they teach.

One consequence of the rapid adoption of video collaboration technology is that many of the people who take part in the process of defining, evaluating, testing and rolling out video solutions are unfamiliar with many of key concepts and technologies. These included end-users who need to have a hand in defining how video will be used in the organization as well as technical staff who are new to video issues.

To help, Avaya has created a quick, interactive guide that provides an introduction to important video conferencing concepts for a non-technical audience.

The Guide includes:

  • ·       Bandwidth Bandits: A short introduction to bandwidth management.
  • ·       Compression: A quick visual introduction to the need for and technology involved in video compression.
  • ·       Building Bridges and Avoiding Technology Islands: An introduction to the concept of interoperability.

There’s much more, including a glossary that explains terms like Gateway, MCU, HD Video, and SVC.

You can access the guide here: The Beginner’s Guide to Video

Video conferencing is booming. Here are 7 reasons why.

Video conferencing has been around for almost three decades, but in 2013, it is rapidly becoming an everyday part of doing business. As consumer offerings have grown, business interest has also expanded to meet the desire for a richer form of communication.

In our new Trend Advisor, “Video Solutions in theEnterprise,” we explore the seven reasons why corporate video conferencing is booming and why businesses of all sizes can’t afford to be left out.

One trend is how the proliferation of smart mobile devices is driving the desire for life like, affordable and easy-to-use video conferencing in the workplace.

To read the other six trends that are fueling corporate interest in adopting video conferencing, download the free Avaya Trend Advisor here: http://bit.ly/WZgzve.    

Strategic technology to deliver optimal customer service

Today’s customer requires instantaneous resolutions on the communications channel they prefer, but most businesses aren’t able to fully meet these demands.

Forrester examines the technology updates needed to empower agents and managers to deliver quality customer experiences, every time, regardless of the channel.

To learn the four key solutions that efficient and empowered agents need, download Forrester’s The Strategic Role of Customer Experience Technologies.

The Secret to Leveraging Mobile Devices at Work

Mobile devices like tablets, laptops and smartphones have transformed the way we communicate and share our lives, both professionally and personally.

How can you leverage this technology to your competitive advantage in today’s tough economy?

Watch the video MobileCollaboration Solutions from Avaya to learn about integrated, simple-to-deploy and easy-to-use tools to leverage mobile technology, regardless of your budget or bandwidth.

The benefits of mobile collaboration from Avaya include:

  • Flexible, adaptable and scalable solutions that create efficiencies and put critical resources at your fingertips.
  • Easy access and visibility into employee availability, keeping everyone updated.
  • Secure and quick information sharing using user-friendly, drag-and-drop functionality.
  • Predictable, solid return on investment.
  • Ability to effectively reach new customers and communicate with current clients.
  • Round-the-clock service and support so your IT team can focus on core business initiatives.

See how Avaya can find you a solution that works with your budget and helps you get ahead: http://bit.ly/101P4AL 

Case study: Launching 4,000 video conferencing accounts in 5 weeks

Today’s slate of personal video conferencing systems –when deployed to a critical mass of employees – have overcome the limitations andbad reputation of the past and have significant benefits beyond travel savings:

  • Improved team building
  • Better integration of resources
  • Faster decision making 
  •  Richer interaction

 To demonstrate the capability of video in the modernworkplace, Avaya implemented the SCOPIA desktop to 4,000 users worldwide,including the management team and field sales and marketing teams.

 In the new white paper (sponsored by Avaya) “The Viabilityof Large-Scale Personal Video Conferencing Deployments,” Wainhouse Researchtook a look at the results after two months, analyzing the early conclusionsand benefits after more than 35,000 meetings with 85,000 attendees were held.

Among the conclusions:

    •  
    • “Click-to-connect” conferencingsolutions can enable sales to connect with customers and prospects with aricher, more productive interaction experience.

  • Product development and marketingteams reported that having everyone video-enabled made the teams more cohesiveand improved overall working relationships.
  • Global logistics and supply chainmanagement teams used video to reduce on-site supplier meetings and to makein-person increasingly more productive since relationships can be establishedbeforehand.

To read Wainhouse Research’s recommendations andlessons learned when implementing person video into the enterprise, downloadthe free white paper here: http://bit.ly/VAqloa  

Follow

Get every new post delivered to your Inbox.

Join 710 other followers