Data Protection - Mitel 430 System Manual

1. 4

Data protection

Protection of user data
During operation the communication system records and stores user data (e.g. call
data, contacts, voice messages, etc.). Protect this data from unauthorised access by
using restrictive access control:
• For remote management use SRM (Secure IP Remote Management) or set up the
IP network in such a way that from the outside only authorised persons have access
to the IP addresses of the MiVoice Office 400 products.
• Restrict the number of user accounts to the minimum necessary and assign to the
user accounts only those authorisation profiles that are actually required.
• Instruct system assistants to open the remote maintenance access to the communi-
cation server only for the amount of time needed for access.
• Instruct users with access rights to change their passwords on a regular basis and
keep them under lock and key.
Protection against listening in and recording
The MiVoice Office 400 communication solution comprises features which allow calls
to be monitored or recorded without the call parties noticing. Inform your customers
that these features may only be used in compliance with national data protection provi-
sions.
Unencrypted phone calls made on the IP network can be recorded and played back by
anyone with the right resources:
• Use encrypted voice transmission whenever possible.
• For WAN links used for transmitting calls from IP or SIP phones, use as a matter of
preference either the customer's own dedicated leased lines or VPN encrypted con-
nection paths.
Mitel 415/430 as of R4.1
syd-0580/1.2 – R4.1 – 08.2016
Product and Safety Information
13