Data protection

Protection of user data

During operation the communication system records and stores user data (e.g. call data, contacts, voice messages, etc.). Protect this data from unauthorised access by using restrictive access control:

• For remote management use SRM (Secure IP Remote Management) or set up the IP network in such a way that from the outside only authorised persons have access to the IP addresses of the MiVoice Office 400 products.

• Restrict the number of user accounts to the minimum necessary and assign to the user accounts only those authorisation profiles that are actually required.

• Instruct system assistants to open the remote maintenance access to the communication server only for the amount of time needed for access.

• Instruct users with access rights to change their passwords on a regular basis and to keep them under lock and key.

Protection against listening in and recording

The MiVoice Office 400 communication solution comprises features which allow calls to be monitored or recorded without the call parties noticing. Inform your customers that these features can only be used in compliance with national data protection provisions.

Unencrypted phone calls made on the IP network can be recorded and played back by anyone with the right resources:

• Use encrypted voice transmission (Secure VoIP) whenever possible.

• For WAN links used for transmitting calls from IP or SIP phones, use as a matter of preference either the customer's own dedicated leased lines or VPN encrypted connection paths.