Change tracking

  • 0
  • 1
  • Idea
  • Updated 3 years ago
Merged

This conversation has been merged. Please reference the main conversation: Change Auditing/Logging

This morning I had the disturbing experience of discovering that one of our PC based softphones had been removed from our account, leaving it only to to work via RingOut. We're a small company of 15 users and the disturbing part was that there was no way to tell who removed or how the phone was deleted. The RC customer service could tell me about people who called them for support buy could not tell me how this happened. It's a MAJOR security problem. Were we hacked? Did the other admin accidentally do it (He says he hasn't logged into RC for months) or did the system hiccup. VERY disturbing that nobody can tell me how this happened so we could plug a security leak or something. 
Photo of Ed Mcguinness

Ed Mcguinness

  • 82 Points 75 badge 2x thumb
  • Frightened

Posted 3 years ago

  • 0
  • 1
Photo of Mike

Mike, Official Rep

  • 92,054 Points 50k badge 2x thumb
Hello Ed, 

It's most likely it was an admin, or user who has access to the account. It's not likely you were hacked, as a hacker would probably take a more malicious action. 

If someone deauthorized a computer, the primary purpose would be so that they can make direct calls form a different computer.  If you look at the same screen where you deauthorize, it will show you what computer it's currently associated with.  If you can match the computer name to the user of that machine, it's likely the same person. 

I hope this helps. 

Mike 

This conversation is no longer open for comments or replies.