A Multi-layered Approach to Security
When evaluating on-demand technology for your contact center, you need to ensure the on-demand solution addresses security in all the layers of the stack, including the physical, network, application, and data levels. Each layer plays a vital role in protecting your organization.
Security has always been an important aspect of our own contact center — each year, we collect approximately 15 million credit card numbers, over 1 million bank account numbers, and over 100,000 social security numbers. To protect this information, we've invested heavily in developing a multi-layered infrastructure that meets and exceeds industry security requirements.
These layers of security include the following:
- Independent Certification
- Physical Security
- Network Security
- System- and Application-level Security
- Data Security
- Agent-level Security
- Industry Security Certifications and Memberships
Independent Certification
The LiveOps platform is regularly audited by independent third parties and is fully compliant and certified with the 12 security domains of PCI-DSS Level 1 Service Providers. This credit card processing compliance requires secure data storage and strong policy and compliance measures. Our customers within financial services, health care, insurance, and a host of other industries also regularly test and audit the security of the LiveOps platform to ensure that it meets and exceeds the security requirements for their industry.
Physical Security
LiveOps has instituted best-of-breed physical security controls to protect sensitive information with five security perimeters, including mantraps with two layers of biometrics; up to 500 surveillance cameras supported by infrared, ultrasonic and photoelectric motion sensors; and 24x7 armed ex-military and law enforcement staff.
Network Security
Our secure network architecture includes multi-layer firewalls, access control lists, data integrity systems, and intrusion detection systems that are monitored 24x7 by the LiveOps-staffed Security Operations Center (SOC). Changes to the system or a file name are tracked and monitored around the clock. The multi-layered firewalls delineate multiple demilitarized zone’s (DMZ’s) both to protect data and restrict unauthorized access from all networks.
Systems- and Application-level Security
Our on-demand platform offers secure, segmented, role-based authentication that allows you to specify access permissions for different users down to a very granular level.
Data Security
Data is protected at all aspects of its lifecycle – at the storage, processing and transmission stages – using enterprise level encryption and Secure Sockets Layer (SSL). In addition, LiveOps offers several unique capabilities to ensure that your data – and your customers’ data — remain secure. For example, LiveOps allows callers to securely provide sensitive personal information while preventing agents from hearing or accessing that data.
Agent-level Security
A key component of the LiveOps platform is our Secure Desktop, which enables you to help ensure the security of all data that agents handle. The platform can provide each agent with a secure, virtual encrypted workspace, or desktop, that enables them to access data in a secured and highly controlled environment. It also disables cut-and-paste features and prevents agents from printing data or saving it to fixed and removable drives. In addition, Secure Desktop helps ensure that only agent computers that meet LiveOps’ rigorous security standards are allowed to log on.
Every time an agent’s computer attempts to connect to Secure Desktop, it must complete in-depth antivirus, personal firewall, system integrity, and service pack compliance checks. Secure Desktop can also help detect and block key loggers and screen scraper viruses as they execute in real-time. All agent desktops can be monitored and managed by the LiveOps Secure Desktop Dashboard, which LiveOps customers can access on a 24x7 basis.
Industry Security Certifications and Memberships
LiveOps has a history of participating at the highest level in industry security programs and initiatives. This includes LiveOps Staff authoring a number of industry security and risk white papers. LiveOps also currently Co-Chair’s with Citibank and KPMG the Technical Development Committee (TDC) of the BITS Shared Assessments Program.
The BITS Shared Assessments Program (FISAP) is the groundbreaking assessment program for financial institutions to evaluate the security controls of their service providers both in the US and internationally. It was created by the CEO-driven financial services industry consortium BITS, the leading financial institutions, financial service providers and assessment firms in the US, as well as the Big 4 Accounting firms acting as Technical advisors - www.bitsinfo.org.
LiveOps staff hold the following key security certifications
4011 INFOSEC National Security Agency (NSA) Information Security Standard
Industry Memberships
Association of Certified Fraud Examiners (ACFE)
http://www.acfe.com
BITS Financial Services Roundtable
http://www.bitsinfo.org
Information Systems Audit and Control Association (ISACA)
http://www.isaca.org
International Information Systems Security Certification Consortium (ISC2)
https://www.isc2.org
|
|
|
|
WHITE PAPER
Best Practices for Recruiting and Managing Remote Agents with a Virtual Contact Center Model.
Download Now »
| “ By achieving PCI DSS compliance validation, it's clear that payment card security is a core business requirement for LiveOps. As a market leader, they understand that securing customer information builds trust and confidence in their brand and in their organization, both critical to their business. ” | |
| — Robert J. McCullen Chairman and CEO, Trustwave |
|
