Set a credit limit

If you leave the cookies out on the table, it won't be long until children start eating them and they will keep eating until they are all gone. Likewise, if your VoIP PBX is hacked, the bad guys are going to use it to relay calls to high cost destinations: and they are not going to stop until you switch the system off or the phone company cuts the line.

The number one thing you can do to protect your phone system does not involve any technical changes. It simply involves writing a letter.

Write to your phone company and tell them the amount of daily and monthly expenditure you authorise. Make it clear that this is both a security precaution and that any severe violation may jeopordise your business to the extent that you may not be able to pay bills in future.

Dear Sir,

My phone number is ___________ and my account number is ____________

I am writing to inform you that the total authorized expenditure for this account is $_______ per day and $________ per month.

Any services supplied in excess of this authorization will be treated as if they were supplied in error and we accept no liability for them.

Furthermore, I am informing you that we explicitly do not require the use of any of the services listed below, that the supply of these services is not authorized and that if any of these services are supplied to us or billed to us without management authorization, it is an error of the phone company and therefore it will not be paid.

  • Calls to premium rate numbers
  • Reverse charge calls charged at a rate in excess of $___ per minute
  • Calls to numbers where a share of the call charge is paid out to the recipient of the call (such as the UK 0871 numbers)
  • Premium-rate text messaging services
  • Data roaming charges
  • Data charges for data usage in excess of bundled data allowances

This letter has been sent to you by recorded delivery and takes effect on receipt.