Security in the cloud is a key consideration when choosing a new cloud-based call center platform.
Genesys cloud services are developed with security as a top priority. From the supporting infrastructure, to data encryption techniques and security threat-response processes, the Genesys PureCloud® platform ensures that customer data is protected and secure at all times.
Maintain security across the board
Encrypting data at rest is a fundamental design characteristic of the PureCloud platform. Genesys encrypts customer data in the database via the Advanced Encryption Standard (AES) algorithm with a key size of 256 bits. Additional technological capabilities protect against insider threats and data exfiltration—ensuring that access to customer instances and data is logged and monitored. And sufficient preventative controls are in place to adequately protect customer data against misuse or abuse of access.
Application security testing occurs throughout the lifecycle. During development, code is continually tested and reviewed using commercial and in-house automated toolsets. Static code analysis, dynamic code analysis and third-party vulnerability assessments also are part of the development testing process. These processes and tools make certain that appropriate fixes are in place to maintain a high security posture. For added assurance, we also engage a third party to perform penetration testing. This ensures objective assessment of the cloud service before it’s released to customers.
Software development lifecycle security
Security is embedded in the software development lifecycle (SDLC) at Genesys, in which an independent product security team uses an agile development process that includes validation steps. Developers and other relevant personnel are regularly trained on web application security including, but not limited to, training from organizations such as the Open Web Application Security Project (OWASP) and SANS Top 25.
PureCloud system status
The last thing you need is contact center software failure. To ensure your platform runs smoothly, check the public-facing status page for live updates and proactive notifications.
Security-enhanced technology and effective compliance processes enable Genesys to maintain and expand a rich set of third-party certifications. These allow you to easily achieve compliance across multiple services and meet changing needs.
SOC2 Type II
Planned for 2019