Howto:GDPR innovaphone PBX V12

From innovaphone wiki

Introduction

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation of the European Parliament and of the Council on data protection and privacy for all individuals within the European Union. It also governs the export of personal data outside the EU. The primary aim of the GDPR is to give citizens and residents control over their personal data and to simplify the regulatory environment for international business by unifying the rules within the EU.

The GDPR applies to companies and to how they handle personal data, not to products as such. The company, as controller or processor, has to demonstrate compliance with the GDPR and is obliged by law to implement technical and organisational measures that meet the data protection principles.

innovaphone takes the protection of personal data very seriously, and did so before the GDPR came into effect. With regard to the GDPR, we have carefully evaluated whether additional features are needed so that our customers can operate the PBX in a GDPR-compliant way. So far, we have not identified any feature that would be missing in order to comply with the regulation.

If you believe that there are GDPR rules which cannot be fulfilled with our products, please don't hesitate to let us know.

This article describes the innovaphone PBX Version 12 with regard to selected topics covered by the GDPR.

In essence, the innovaphone PBX is a product designed with "GDPR by Design".

This does not mean that the product cannot be configured in a way that violates the GDPR. It means that it is possible to operate the product in a GDPR-compliant manner; whether this is the case depends on the configuration implemented by partners and customers.

Personal Data

European data protection law uses a broad concept of "personal data". Thus, for example, a name combined with a telephone number, or a name combined with an e-mail address, already constitutes personal data under the GDPR.

Even though this information is typically used in a telephone system, note that in principle the innovaphone PBX can also be operated without it: abbreviations or numbers can be used in place of names, and operation without e-mail addresses is also possible.


Storage

All configuration data for innovaphone devices is stored in the local flash memory of the device. This also applies to innovaphone Reporting and innovaphone Voicemail. Because the data resides on the device installed at the customer's premises, physical access by third parties is under the customer's control. The data is not matched or synchronised with any cloud service or external database, and no personal data is sent to a web service (cloud) or to the manufacturer at any time. The location of the data, and thus of physical access to it, is therefore clearly defined.

Access

innovaphone devices contain no backdoors or undocumented default credentials; without valid credentials, access is not possible.

Access to the data is protected by a password. The default password of the viewing account can, and should, be changed during commissioning. Administrative access can be secured using HTTPS.

PPTP VPN connections use 128-bit MPPE payload encryption. Note that PPTP's MS-CHAPv2 authentication is widely considered cryptographically weak, so prefer TLS-based transport where it is available.

ISDN data calls and Telnet are disabled by default.

802.1X port authentication is available on all products.

Since the data is stored on the device, any additional access path exists only if the partner and/or customer has configured it; access outside their control is ruled out.


Deleting Data

When a user is deleted, all of that user's configuration data is deleted as well. The deletion is final and cannot be undone. The same applies to deleted Voicemail or Reporting data. Reporting data can additionally be deleted automatically after a configured retention period (for example, 6 months).

Privacy

Signalling and media can be encrypted (TLS for signalling, SRTP for media); where this is enabled on all legs of a call, the conversation cannot be intercepted on the network path.

A caller can hide their number and name from the remote party.

Presence status is only displayed after mutual acknowledgement, and each user can configure the visibility of their own status.

In the call detail records (CDR), the called number, or a configurable number of its trailing digits, can be suppressed.

Voicemail is protected by a password, which the user can change.

The call lists of inbound and outbound calls can be hidden on the telephone, and a phone can be locked.
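The two data-minimisation measures above, automatic deletion of Reporting data after a retention period and suppression of trailing digits in CDR entries, can be illustrated with a small store that applies both. This is an added example written for this article, not innovaphone product code; the CDR field layout, the use of "x" as the mask character and the 4-digit default are assumptions.

```python
"""CDR handling with called-number suppression and time-based retention.
Added example, not product code; record layout and mask style are assumed."""
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone
from typing import List


@dataclass(frozen=True)
class CdrRecord:
    # Hypothetical CDR layout: start time (UTC), calling number,
    # called number and call duration in seconds.
    start: datetime
    caller: str
    called: str
    duration_s: int


def suppress_digits(number: str, keep: int = 4) -> str:
    """Mask the trailing digits of a dialled number, keeping only the first
    `keep` digits; keep=0 suppresses every digit. Non-digit characters such
    as a leading '+' or spaces are preserved so the record stays parseable."""
    digits = [c for c in number if c.isdigit()]
    if keep <= 0:
        masked = ["x"] * len(digits)
    else:
        masked = digits[:keep] + ["x"] * max(0, len(digits) - keep)
    out, i = [], 0
    for c in number:
        if c.isdigit():
            out.append(masked[i])
            i += 1
        else:
            out.append(c)
    return "".join(out)


class CdrStore:
    """Keeps CDR records for a bounded retention period and masks the called
    number before it is ever written to storage (data minimisation)."""

    def __init__(self, retention: timedelta, keep_digits: int = 4):
        self.retention = retention
        self.keep_digits = keep_digits
        self._records: List[CdrRecord] = []

    def add(self, rec: CdrRecord) -> CdrRecord:
        # The full called number never reaches the store.
        stored = replace(rec, called=suppress_digits(rec.called, self.keep_digits))
        self._records.append(stored)
        return stored

    def purge(self, now: datetime) -> int:
        """Delete records older than the retention period; returns the number
        deleted. Records are dropped outright, not merely flagged."""
        cutoff = now - self.retention
        before = len(self._records)
        self._records = [r for r in self._records if r.start >= cutoff]
        return before - len(self._records)

    def records(self) -> List[CdrRecord]:
        return list(self._records)


def demo():
    # Constructed sample records, not real call data.
    now = datetime(2018, 6, 1, tzinfo=timezone.utc)
    store = CdrStore(retention=timedelta(days=182), keep_digits=4)
    store.add(CdrRecord(now - timedelta(days=200), "101", "+4970319730", 95))
    store.add(CdrRecord(now - timedelta(days=10), "102", "01711234567", 30))
    masked_before = [r.called for r in store.records()]
    deleted = store.purge(now)
    remaining = [r.called for r in store.records()]
    return masked_before, deleted, remaining


if __name__ == "__main__":
    print(demo())
```

Masking on write rather than on display is the point: a copy of the record store (backup, export, forensic image) then contains no more than the operator decided to keep, and the purge removes whole records instead of marking them deleted.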

Data Breaches

The PBX can be made reachable from a public network. A Reverse Proxy (in addition to external firewalls) can restrict and protect this access. The Reverse Proxy is part of the innovaphone PBX; it is also possible to run it on a dedicated innovaphone gateway for this purpose alone, isolating the PBX itself from the external network. The Reverse Proxy defines which services, ports and addresses may be reached.

Credential guessing is detected, and the attacker's source address is automatically added to a blacklist. Removal from the blacklist is performed either manually by the administrator or automatically after a configured time. Attempts to bypass the Reverse Proxy are logged.


Related Articles

http://wiki.innovaphone.com/index.php?title=Howto:Security_works_with_innovaphone