Mitel Forums - The Unofficial Source
Mitel Forums => Mitel MiVoice Business/MCD/3300 => Topic started by: LeoAbse on October 22, 2013, 04:53:50 AM
-
We have a Mitel 3300 MXE - MCD 4.0 - ISDN 30 as the main line in/out.
Currently our voice traffic is encrypted. Obviously if we took the encryption off, someone I guess could capture the voice data and then listen to our call or calls. Is someone able to confirm though, that in order for them to do this they would have to be physically in our office and have to plug themselves in to our network / LAN ? This couldn't be done externally ?
Thanks
-
Yes only the IP traffic will be affected so they would need to be within your network. The ISDN30 won't change.
-
Thanks. A bit more background to raising the question is that we are wanting to implement some call recording software. At the moment it would mean paying out for SRC, a server to sit it on as well as the call recording software. Turing off encryption would avoid this but I'm wanting to make sure security / privacy of calls isnt compromised.
-
I am pretty sure Mitel strongly suggests that you don't disable the encryption unless told to do so by support. Just throwing that out there.
I believe that they will only support call recording solutions that either use SRC or are physical taps to the ISDN circuits.
-
We deal with the Redbox recording solution and all of our customers who have the Redbox we have the Encryption turned off. Have to. And no issues. Thanks.
-
Turing off encryption would avoid this but I'm wanting to make sure security / privacy of calls isnt compromised.
It all depends on your company's requirements. If you have people taking credit card payments over the phone or some other sensitive information I would say to leave on encryption and use an SRC. If not you should be fine disabling the encryption.
My recommendation is to use an SRC, but not everyone has the money for the extra costs.
jrg0852, just a note, I have a redbox voice recorder going through a SRV, so you can do it.
-
As ghost says, whether you use an SRC can depend on your type of business. You may want to discuss with your legal department because many companies dealing with sensitve information ( hospitals for example ) can face law suits or stiff fines if any customer data gets comprimised including voice calls. The SRC's primary function is to decrypt voice and present it to only an authorized devices ie your recording equipment. So you need to weight the costs of a law suit or going out of businees against the cost of an SRC. Again its the requirements of your business.
Note: you can use wireshark to capture and play back audio on a unencrypted MCD. Not the hardest thing in the world to do.
-
An remember like sarond mentioned your only encrypted until you hit the PSTN
-
There may be something about due dilligence in the need to protect oneself.