Accessing Voicemail from external phone

[harts]

Hi

As part of a working from home scheme users will be allowed to forward their extensions to their home line or mobile. They will still need to access voicemail from an external phone, so i was wondering what the best way to set this up is?

We were told by our supplier that is is not a good idea (secuurity) to have a number setup just for voicemail which is accessible externally, so we are a little stuck. I understand UC could help us out but it isn't something we plan to implement any time soon.

Any help would be greatly appreciated.

Thanks

[ralph]

I understand the security issue.   I've had a couple of systems hacked.
But, people still need access to their VMs from outside. 
Good security, such and changing admin passwords, and enforcing non-tirvial passwords helps but isn't full proof.

What kind of VM do you have?
You may be able to simply forward voice mails to emails so users get them that way.

Ralph

[harts]

Hi Ralph,

I beleive we have decent security in place in terms of non-trivial passwords...but obviously I'd like assurance from an expert that it is secure. Are there any obvious areas I should look out for?

We use NuPoint currently and voicemail to email sounds like it might be an option.

Thanks

[august]

You could restrict the COR of the port use by Nupoint to block outgoing call from the Nupoint.

[ralph]

As august suggest you'll need to block outbound calls.
But let's define what risk we're trying to avoid.
* Toll Fraud
* Privacy violations
* Stolen information
* Greetings that are changed that might embarrass the company

I'm sure there's more but, but, but...
All these can happen just by dialing and extension and getting to someone's mailbox.

Here's my opinion:
Total security is to shut off the system and lock it in a vault.   Not very useful.
Now you need to balance security risk with usefulness. 
Using non-trivial passwords with greater than 4 digits, blocking VM ports from ever being able to dial out (there's a couple of really good ways to do this), being sure that the NuPoint can't dial '9' (assuming that's your outbound access), locking out mailboxes that have too many failed log in attempts and deleting unused mailboxes is generally considered adequate security for VM.

I've never set up a system that didn't allow people to check their VMs from outside.

Ralph

[Mattmayn]

Another option would be instead of having these users forward their calls to whatever phone they desire you could build them EHDUs and that would allow the system to either verify their numbers when they called in or they would have to enter their PIN, then make the VM call as an internal call. Just an idea.