© AssuringBusiness – all rights reserved
Failure to act proactively to prevent, detect andmanage telecoms fraud can have a devastatingeconomic and operational effect.
CPE Fraud Management: Six Key Steps
Review access security protocols.
Request information from the CPE supplier and/ormaintainer regarding the exact nature of security protocols deployed on the CPE/PBX,ensuring that common or easily guessed access credentials are NOT used on any channel.The business should determine whether the nature of access controls are consistent withtheir own security policies or expectations. Ideally, multi-authentication access controlsshould be deployed incorporating some form of one-time password token.2.
Configure the CPE/PBX to reduce risk.
Work with the telecoms manager and systemmaintainer to review and deploy sensible CPE configurations and options to limit risk.Consider what features the business really needs and the nature of user interfacecontrols such as PINs. Continuously review and audit this configuration to identifychanges that may present a risk.3.
Monitor usage, or seek protection.
Investigate fraud and usage monitoring options onthe CPE itself (e.g. utilising the call records and logs generated by CPE). But also checkwith the network operator/service provider – they may offer a fraud protection service,or may consider introducing one if demand is sufficient. Businesses may also considercreating their own fraud control software if they have access to the appropriate data.4.
Deploy specialist anti-fraud tools.
Consider the deployment of special fraud controlplatforms as an adjunct to the CPE, ideally to prevent fraud opportunities, or utilizing acall-accounting package that provides fraud monitoring reports. These tools take manyforms and may be available via the CPE provider or direct from specialist vendors.5.
Check terms and conditions of service and supply in all aspects ofthe telecoms environment (hardware, connectivity, usage etc.) to determine liability forissues should they occur. Businesses should be aware of the risks and these may betracked in their enterprise risk management or Business Assurance plan.6.
Review telecoms service billing.
Check all service bills thoroughly to determinewhether the business has fallen victim to fraud (or other over-charging) that has notbeen detected. Pay particular attention to higher-cost services, or unusual service usagepatterns. Most network operators/service providers have standard processes formanaging enquiries or claims for fraud if the business believes it has been a victim.