112 Chapter 7 Security recommendations
•
Hackers look for signs that a mailbox is unused. Nortel recommends that
you take the following actions:
•
•
•
•
•
Mailbox owners often repeat favorite passwords and choose passwords that
are easy to hack. Educate mailbox owners about how to create secure
passwords to increase system security. Nortel recommends that you take
the following actions:
•
•
•
•
•
•
•
Strong passwords for user accounts
Strong passwords use upper and lower case characters, numbers, and
symbols to increase CallPilot security for the Administrator account.
Running the Configuration Wizard for the first time checks the accounts for
the default password and if found, forces you to change the password.
Copyright © 2007, Nortel Networks
.
Change the default password prefix regularly and include the password
prefix in data files used to add groups of mailboxes.
Delete unused mailboxes to keep hackers out of your system.
Ensure that all mailboxes have recorded spoken names (personal
verifications).
Ensure that all personal verifications specify the mailbox owner's name
or title, instead of a message such as "The person at extension 8522
is not available to take your call."
Ensure that aged messages are automatically deleted from mailboxes.
When you create new mailboxes prior to immediate use, defer access to
the new mailboxes.
Specify a minimum password length of eight characters.
Force mailbox owners to change their passwords regularly as a good
security practice.
Default: Mailbox owners must change their passwords every 90 days.
Play a warning message a few days before mailbox owners' passwords
expire so that they can change the password before it expires.
Default: Five days. The warning message plays once each day until
the password is changed.
Ensure that mailbox owners change their passwords to new passwords,
rather than entering the same passwords.
Default: Mailbox owners must enter five new passwords before they
can reuse an old password.
Nortel CallPilot
Administrator Guide
NN44200-601 01.11 Standard
5.0 9 November 2007