Security
We strive to adhere to and exceed security best practices. Here are a few things that we employ to keep your data safe:
- Encryption at rest and in transit: We encrypt everything from network calls, databases, data stores, secrets, sensitive environment variables, and just about everything else.
- Data Collection We collect information solely to provide you with the Voice Insights service. That being said, we do not collect any custom attributes from the contact events other than the custom attributes specific to Voice Insights. For instance, if you have custom attributes that store sensitive customer information such as names, account numbers etc., they get stripped out from the Contact events before they get sent to Voice Insights.
- PII/PCI Redaction We have PII/PCI redaction mechanisms in place that aim to prevent sensitive information from reaching the transcription logs. No PII scrubbing system is perfect, so to reduce the chances that any PII/PCI information reaches the conversation logs we recommend that you stop the recording while sensitive information is being collected and then resume the recording. The PII/PCI data that we target is, but is not limited to:
- addresses
- credit card numbers
- email addresses
- names
- phone numbers
- personal identification numbers (PIN)
- social security numbers (SSN)
- zip/postal codes
- Software runs in private subnets Most of our application stack is running on serverless components on AWS. This removes the need to manage and patch servers, which is time-consuming and prone to human error. Furthermore, our data stores and compute resources are only accessible through private VPC networks. This means that they are not accessible from the public internet, hence reducing the attack vectors.
- Least-privilege permissions All the infrastructure resources are assigned permissions on a least-privilege basis. The same applies to our engineering staff – each person will only have access to the resources that they need access to in order to perform their job functions.
- Zero data-sharing policy We take the privacy and sensitivity of your data very seriously. We therefore commit to not sharing your data and customers' data with any other party.
- State-of-the-art infrastructure and architecture We pride ourselves with running exclusively on AWS. Our team has extensive experience with AWS and we stay up to date with AWS's published best practices (for instance, see the AWS Well-Architected Framework). Lastly, all of our engineering staff are required to maintain AWS certifications including, but not limited to, the Solutions Architect certification.
Last modified 3yr ago