S 2.60 Secure administration of a modem
Initiation responsibility: Head of IT
Implementation responsibility: Administrator, User
The secure use of a modem requires certain administrative measures:
- The subscriber number of a modem must only be disclosed to the communication partners involved, in order to protect the modem from unauthorised dial-in attempts. This number must not be listed in the telephone directory of the organisation. Regular dial-up tests should be performed to identify any telephone numbers that can be used externally to contact IT systems or fax machines, but that are not approved for such contact.
- Only authorised users may get access to modems and/or communication software for data transmission. Modems integrated in a network server can be accessed by users from their respective terminals. In this situation, access to the communications software must only be granted to users who are authorised to transmit data (see also S 2.42 Determination of potential communications partners).
- Moreover, the modem settings and communications software settings must be checked regularly, particularly to ensure that the security-relevant settings are still active and effective. A log of the data transmissions should be maintained.
- It must be ensured that the modem interrupts the telephone connection as soon as the user logs out of the system. For stand-alone systems, this can be realised by leaving the modem connected to the telephone network only for the period of data transmission and then deactivating or disconnecting it from the line. Modems integrated in a network server must be configured accordingly. An external modem can simply be switched off. In addition, all users must be instructed to quit the communications program after completion of data transmission.
- It must be ensured that external users are automatically logged out of the IT system on disruption of a modem link. Otherwise the next caller would be able to proceed using the same user ID without having to log in first.
It should be checked regularly that the selected settings are still active and effective in preventing unauthorised use of the modem.
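An added example (not part of the original safeguard text) of auditing a transmission log for two of the conditions described above: a user session that is still open when the next call arrives on the same line, and a line that stays connected after the user has logged out. The log format, the event names and the 10-second tolerance are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample log (format is an assumption): time, modem line, event, user
SAMPLE_LOG = """\
2024-03-01T09:00:00 ttyS0 CONNECT -
2024-03-01T09:00:20 ttyS0 LOGIN alice
2024-03-01T09:10:00 ttyS0 LOGOUT alice
2024-03-01T09:10:02 ttyS0 HANGUP -
2024-03-01T11:00:00 ttyS0 CONNECT -
2024-03-01T11:00:15 ttyS0 LOGIN bob
2024-03-01T11:05:00 ttyS0 HANGUP -
2024-03-01T11:30:00 ttyS0 CONNECT -
2024-03-01T12:00:00 ttyS1 CONNECT -
2024-03-01T12:00:10 ttyS1 LOGIN carol
2024-03-01T12:20:00 ttyS1 LOGOUT carol
2024-03-01T12:45:00 ttyS1 HANGUP -
"""

MAX_HANGUP_DELAY = timedelta(seconds=10)  # assumed tolerance, tune locally


def audit(log_text):
    """Return findings as (timestamp, line, rule, user) tuples."""
    findings = []
    session = {}     # modem line -> user whose session is still open
    logged_out = {}  # modem line -> (logout time, user) awaiting hang-up
    for raw in filter(str.strip, log_text.splitlines()):
        ts, line, event, user = raw.split()
        when = datetime.fromisoformat(ts)
        if event == "LOGIN":
            session[line] = user
        elif event == "LOGOUT":
            session.pop(line, None)
            logged_out[line] = (when, user)
        elif event == "HANGUP" and line in logged_out:
            t0, who = logged_out.pop(line)
            if when - t0 > MAX_HANGUP_DELAY:
                # Modem did not drop the line promptly after logout
                findings.append((ts, line, "LINE_HELD_AFTER_LOGOUT", who))
        elif event == "CONNECT":
            logged_out.pop(line, None)  # discard stale logout from an earlier call
            if line in session:
                # Previous caller's session survived the link loss
                findings.append((ts, line, "SESSION_OPEN_ON_NEW_CALL", session[line]))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding)
```

A hang-up without a matching logout leaves the session recorded as open, so the next CONNECT on that line is reported together with the user ID that would be exposed to the new caller.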
Review questions:
- Do only authorised users get access to modems and/or communication software for data transmission via modem?
- Is it checked regularly that the selected settings are still active and effective?
- Are the performed data transmissions of modems logged?
- Is it ensured that the modem interrupts the telephone connection as soon as the corresponding user logs out of the system?
- Are users logged off after disconnecting the modem connection?
- VoIP in the WLAN: Is qualified protection of the WLAN guaranteed?