Product and Safety Information
12
Aastra 470 as of R3.2
syd-0337/1.6 – R3.2 – 09.2014
1. 3
Data protection
Protection of user data
During operation the communication system records and stores user data (e.g. call
data, contacts, voice messages, etc.). Protect this data from unauthorised access by
using restrictive access control:
• For remote management use SRM (Secure IP Remote Management) or set up
the IP network in such a way that from the outside only authorised persons have
access to the IP addresses of the Aastra 400 products.
• Restrict the number of user accounts to the minimum necessary and assign to
the user accounts only those authorisation profiles that are actually required.
• Instruct system assistants to open the remote maintenance access to the com-
munication server only for the amount of time needed for access.
• Instruct users with access rights to change their passwords on a regular basis
and keep them under lock and key.
Protection against listening in and recording
The Aastra 400 communication solution comprises features which allow calls to be
monitored or recorded without the call parties noticing. Inform your customers
that these features can only be used in compliance with national data protection
provisions.
Unencrypted phone calls made on the IP network can be recorded and played back
by anyone with the right resources:
• Use encrypted voice transmission (Secure VoIP) whenever possible.
• For WAN links used for transmitting calls from IP or SIP phones, use as a matter of
preference either the customer's own dedicated leased lines or with VPN en-
crypted connection paths.