Strengthen your contact centre security and compliance

Enjoy worry-free security and compliance

Protect your data worldwide

Rest assured knowing your data is secured with end-to-end encryption, stringent access controls and rigorous security policies.

Simplify your global compliance

Benefit from an extensive set of compliance certifications and attestations to help you operate within a complex global regulatory environment.

Improve your security posture

Choose our shared security model to reduce operational responsibilities and costs. Gain greater security than most organisations achieve in-house.

Protect your business with robust security and data privacy

Defense in depth

To maintain the confidentiality, integrity and availability of data and services, we use a defense in depth strategy. This approach implements multiple layers of security mechanisms and controls; if one control fails or a vulnerability is exploited, another is in place to help mitigate risk.

Data encryption

All customer data is encrypted both in transit and at rest: AES 256 key encryption for data at rest and HTTPS with TLS 1.2 or higher encryption for data in transit. Beyond platform-level encryption, we use unique encryption keys for each organisation for sensitive data like call recordings.

Data privacy

As the focus on privacy increases worldwide, staying informed on evolving regulations and regional standards can be challenging. Our privacy standards and configurable tools help customers meet their global data privacy needs across a variety of industries and locations.

Identity and access control

Streamline access with single-sign-on using SAML 2.0 third-party providers. Multi-factor authentication adds an extra layer of protection. Configurable access privileges use least-privilege principle and role-based control mechanisms, while audit logs track user activity.

Network security

Within Amazon Web Services (AWS), Genesys Cloud production services and customer data are logically isolated in a virtual private cloud (VPC) for increased security. All connections to VPC are secured via HTTPS and TLS 1.2 over the public internet. We follow AWS best practices for the security group, load balancer and routing configurations.

Secure APIs

The platform API follows the OAuth 2.0 specification for secure authorisation. Rate limits ensure platform stability and protect against malicious denial-of-service attacks. And RESTful APIs offer inherent security advantages, enabling encrypted data transfers, statelessness and granular access control.

Operational security

We conduct continuous vulnerability scanning, penetration tests and pre-deployment checks to preempt any potential risks. Host-based and network-based intrusion detection systems monitor for suspicious activities. Identified security risks are assigned for prompt remediation.

Physical security

AWS provides data center security. Controls include perimeter security, such as fencing, walls, security staff, video surveillance and intrusion detection systems. Physical access to AWS data centres is logged, monitored and retained, reducing the risk of insider security threats.

Organisational security

Genesys employs a full-time Information Security and Compliance team that’s focused on security, auditing, compliance and risk management. Also, all employees are required to successfully complete security and compliance training on an annual basis.



of consumers said data protection and privacy is their number one environmental, social or ethical expectation from companies

The State of Customer Experience,” Genesys, 2023

Forge deeper customer trust and loyalty

The Genesys Cloud™ platform is trusted by thousands of customers worldwide to safeguard their data — including those in highly regulated industries, such as the public sector, financial services, healthcare and utilities.

Our comprehensive security approach spans our applications, infrastructure, processes and people. This ensures that your customer and business information remains secure, compliant and accessible — so you can stop worrying about security and focus on improving the customer experience.

Choose a partner committed to your security

The security of our service is instrumental in maintaining the trust our customers place in Genesys. Our comprehensive approach to security is embedded across our platform, processes and culture. It’s based on the principles of informed oversight, effective risk management, consistent security practices, rigorous audits, continuous feedback and full transparency.

Our top priority is to keep your data secure and your business protected — so you can have peace of mind.

Genesys aws shared responsibility graphic

Free up your security teams and budget

Managing security and compliance is a shared responsibility between Genesys, our cloud service provider and our customers. AWS operates and manages the security and compliance of the cloud computing infrastructure. Genesys manages security in the cloud. And the end customer is responsible for security within their Genesys Cloud organisation. This distribution of responsibilities relieves your operational burden and is typically more cost-effective than maintaining the same depth of security in-house.

Invest in a platform designed for defense

Integrating security protocols or measures into existing software is good practice. But having cloud-native security built right into the software from day one is even better. Security is deeply embedded in the DevOps practices at Genesys. Following the principles of security by design, our development teams are regularly trained on web application security and independent product security teams ensure new features go through rigorous security code reviews and testing prior to release.

Accelerate your global compliance

Navigating global regulatory compliance in today’s digital-first world is complex, but the right partner can help simplify matters. Genesys is aligned with industry best practices, relevant and appropriate international standards, and — where applicable — national legislation.

Maintaining our extensive compliance portfolio demonstrates our capabilities and commitment to delivering a secure platform that helps you meet and exceed your regulatory and compliance needs, no matter which industry or geography you serve.

Gain security and peace of mind

At Genesys, we prioritise openness and transparency in how we operate. Our Trust Centre offers detailed insights into our security best practices and our extensive industry and regulatory compliance portfolio. You can easily access Genesys Cloud legal agreements, including our privacy policy and SLA.

We also provide a status portal for real-time and historical operational performance of Genesys Cloud, plus scheduled maintenance. And you can read about our AI ethics framework and sustainability efforts, which underscore our dedication to contributing positively to our planet’s future.

See what our customers have to say

See what else you can do with Genesys

Learn more about protecting your business

Safeguard your most valuable assets

The costs of poor security measures are high: reputational damage, loss of consumer trust and confidence, potential lawsuits and a decreasing bottom line. It’s clear: companies that neglect security will see their customers turn to others that provide it.

By partnering with Genesys, you’ll gain the knowledge and tools needed to meet today’s global data security and compliance standards. Get in touch to learn how we can help.

Thank you for your interest.

We’ll contact you directly to set up a date and time that works with your schedule.

Frequently asked questions

What is contact centre compliance?

Contact centre compliance refers to adhering to a set of regulations, standards and guidelines set by local, federal and global regulatory and legislative bodies. A security and compliance contact centre is essential to provide excellent customer service, maintain customer trust by securing personal data, ensure business continuity and avoid fines and penalties.

What regulations do contact centres need to comply with?

Depending on the country, the industry or specific business, the rules contact centers have to follow can vary. In general, these laws and guidelines are drafted to prevent fraud and data breaches while maintaining data privacy and security.

Though industry standards for call center compliance can differ around the world, there are a few well-known examples. This includes laws such as the Telephone Consumer Protection Act (TCPA), the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI-DSS), which is designed to protect cardholder data.

How does Genesys stay current with regulatory changes to ensure compliance?

Genesys engages multiple independent third-party organisations on a periodic basis to perform audits required for the certifications we maintain. Additionally, our legal team regularly reviews rules and regulations for any legislative or regulatory changes/additions. If necessary, updates are made to our call centre security policies and procedures to align with the latest standards.

Does Genesys have an incident management program?

Yes. Potential security incidents detected within or affecting the Genesys Cloud platform are reported to our dedicated Security Incident Response Team, who will activate and follow the Genesys Incident Response Plan that includes detailed security incident handling procedures for analysis, containment, removal and recovery with minimal impact to confidentiality, integrity or availability.