Data privacy
In addition to activating the secure mode, you must use the following configuration to ensure user data is private:
-
Contacts: disable by setting the following 46xxsettings.txt parameter:SET ENABLE_CONTACTS 0
-
Recents: disable by setting the following 46xxsettings.txt parameter:SET ENABLE_CALL_LOG 0Note:The phone deletes existing Recents logs when you apply this setting.
-
Force HTTPS for configuration and disable Web Server: set the following 46xxsettings.txt parameters:SET ENABLE_WEBSERVER 0SET AUTH 1
-
Logs: by default, logs are protected, because the SSH server is disabled by default. Logs are internal to the phone and, with GDPR mode activated, are cleared every 24 hours. To maintain these settings, do not set the SET SSH_ALLOWED parameter value to other than 0. To protect logs, use the following 46xxsettings.txt parameters:SET SYSLOG_LEVEL 1SET SYSLOG_ENABLED 0SET LOGSRVR ""SET LOG_CATEGORY ""
You can also enable the Secure Syslog feature. If you choose this option, use the following configuration:
SET SYSLOG_ENABLED 1
SET LOGSRVR "xx" where xx is an FQDN address for a TLS server.
Enable the Phone Lock feature
To enable the Phone Lock feature, you need to provide SIP login and password information to the user.
You can configure the Phone Lock feature so that users can manually lock their phones using the Lock soft key on the Idle phone screen or the Lock feature key. You can also set the idle time interval after which the phone automatically locks.
To do this, set the following 46xxsettings.txt parameters:
-
SET ENABLE_PHONE_LOCK 1
-
SET PHONE_LOCK_IDLETIME: use any value other than 0 for this parameter to set the idle time interval.
Additional settings
The following settings are turned off by default, but if you want to ensure that data privacy is maintained as required, make sure you observe the following settings:
-
SET SNMPADD ” “
-
SET TPSLIST ” “
-
SET SLMSTAT ” “
Use HTTPS values for the following settings:
-
USER_STORE_URI
-
XSI_URL
-
CONFIG_SERVER_SECURE_MODE — do not set to 0
Use TLS values for the following settings:
-
SIP_CONTROLLER_LIST
-
SIP_CONTROLLER_LIST_2
-
SET SIPSIGNAL 2 — TLS is used by default
-
SET ENABLE_OOD_MSG_TLS_ONLY 1 — TLS is used by default