I strongly recommend you read the following book by Akhil Behl:
Securing Cisco IP Telephony Networks
This book's coverage is both wide and deep making sure that a clear picture is formed on all aspects. This ensures that nothing is overlooked, enabling this book to be the definitive reference for Cisco IP Telephony Security
If you need to make sure you endpoints are secure I recomend you have a look at PhoneView from UnifiedFX.
In addition to what Mr. Stephen has said, u can also refer the POST by Mr. Akhil Behl
After carefully consideration, I would like to know how can I implement these steps below:
Voice System Security
1. DISA port access (using inbound 0800 numbers) on the PBX will be protected by a secure password.
2. The maintenance port on the PBX will be protected with a secure password.
3. The default DISA and maintenance passwords on the PBX will be changed to user defined passwords.
4. Call accounting will be used to monitor access to the maintenance port, DISA ports and abnormal call patterns.
5. DISA ports will be turned off during non working hours.
6. Internal and external call forwarding privileges will be separated, to prevent inbound calls being forwarded to an outside line.
7. The operator will endeavour to ensure that an outside call is not transferred to an outside line.
8 Use will be made of multilevel passwords and access authentication where available on the PBX.
9. Voice mail accounts will use a password with a minimum length of six digits.
10. The voice mail password should never match the last six digits of the phone number.
11. The caller to a voice mail account will be locked out after three attempts at password validation.
12. Dialling calling party pays numbers will be prevented.
13. Telephone bills will be checked carefully to identify any misuse of the telephone system.
In which leves can I put passwords and how? (I mean user authentication during the registration process in Ephone-DN-s, Ephones, Call restrictions, someone need to give a password before to make a call. etc.)
Thank you very much