GDPR

Discussion in '3CX Phone System - General' started by ppigmans, Dec 6, 2017.

Thread Status:
Not open for further replies.
  1. ppigmans

    Joined:
    Dec 6, 2017
    Messages:
    10
    Likes Received:
    0
    Hi,

    I was wondering about the General Data Protection Regulations (GDPR for short..), lets say i have a PBX setup with a SBC on remote offices, there is NO encryption because we noticed issues on the line.

    Are we forced by the GDPR to enable the encryption anyway and thus having more issues with the connection between the PBX and SBC?
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,375
    Likes Received:
    231
    By encryption, do you mean VPN (between sites)? If so, then you would not require the SBC wich would simplify things. as long as your bandwidth is sufficient , you really should not have any issues. If you were advised to install VPN to comply with GDPR, then using for Voice services as well should be considered, but perhaps not required.
     
    #2 leejor, Dec 6, 2017
    Last edited: Dec 6, 2017
  3. sip.bg

    sip.bg Active Member

    Joined:
    Nov 7, 2016
    Messages:
    704
    Likes Received:
    219
    GDPR compliance may affect the 'Contacts' storage and processing into PBX and phones, as they reveal personal information and identification like combination of names, phones, companies. Is there any official position about GDPR compliance? I've been asked about this at least by two customers already.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. ppigmans

    Joined:
    Dec 6, 2017
    Messages:
    10
    Likes Received:
    0
    Yes i mean site to site, but it still eats away a ton of bandwidith from our customers.
    I was not advised to do anything with GDPR but i still worry about it, considering its right around the corner...

    I dont know, but its quite worrying if i may say so...
     
  5. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,375
    Likes Received:
    231
    You're not the only person/corporation concerned about this, so unless an official edict comes down (with more specific instructions/requirements that apply to PBX trunks), I'd wait a bit to see what the majority of PBX users are planning to do. I'm certain that there will be more discussion about this on the forum.
     
  6. ppigmans

    Joined:
    Dec 6, 2017
    Messages:
    10
    Likes Received:
    0
    Alright, still.. even though 3CX isnt europian it should know something about this right..?
     
  7. sip.bg

    sip.bg Active Member

    Joined:
    Nov 7, 2016
    Messages:
    704
    Likes Received:
    219
    Why 3CX not being European?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. ppigmans

    Joined:
    Dec 6, 2017
    Messages:
    10
    Likes Received:
    0
    not sure about this but i do believe 3CX is based from America... or was it greece?
     
  9. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,255
    Likes Received:
    63
    On the GDPR question, as far as I am aware, it only gives guidelines of how to store data, and as @leejor pointed out, there are no specific requirements about how data is transported. This means that technically having the SBC with the encryption off shouldn't mean that you would fail to pass a GDPR compliance test. What would cause this however is if you have the SBC logs set to Verbose, as it rights SIP information including names and extension numbers to syslog in clear text.
    Verbose is for debugging purposes of course and is not enabled by default, so again that shouldn't be a problem.
     
    #9 NickD_3CX, Dec 13, 2017
    Last edited by a moderator: Dec 13, 2017
    ppigmans likes this.
  10. ppigmans

    Joined:
    Dec 6, 2017
    Messages:
    10
    Likes Received:
    0
    That is exactly what i was looking for, thank you!
     
Thread Status:
Not open for further replies.