contact center security

Three Pillars of Cloud Security

Share:

inContact is a member or the Cloud Security Alliance (CSA) because we recognize the importance and value of what CSA is doing in developing and promoting best practices in cloud security. One example of a great tool for both Cloud Providers and Users is the Cloud Controls Matrix or CCM. The CCM provides a list […]

Read

Accountability – The Third A in the Triple AAA’s of Security [series]

Share:

We have now discussed the first two A’s: Authentication and Authorization. The third A stands for Accountability which establishes the reasons and source for changes, activations, additions, deactivations and deletions. This is accomplished by means of audit trails and logs that identify Who, What and When. Some accountability processes such as policies and tickets also […]

Read

Authentication – The First A in the Triple AAA’s of Security [series]

Share:

In this series of articles, I want to discuss security best practices for your contact center: the triple A’s of security–Authentication, Authorization and Accountability. inContact can be a part of your security strategy, and the first article will discuss best practices for user authentication of agents and supervisors in your contact center. Authentication is the […]

Read

Voice Over IP, Questions, Questions, Questions – Solutions, Solutions, Solutions

Share:

My early background was in telecommunications and when inContact made the decision to change from a T1, DS3 and traditional TDM based telecom network to a VoIP driven telecom network, I helped to develop our first VoIP training program using a book called Carrier Grade VoIP.  As with many telecom technologies, often you cannot simply say that one telecom technology is better than another…. rather it is different.  Each comes with it's own advantages and disadvantages.    As an example, traditional telecom required telecom users to set aside a channel or circuit for every call, and generally forced that channel to use 64 kb of bandwidth.    This served the traditional telecom world well, but it was expensive and as competition drove prices down and trends like home agents increased, having a a dedicated line for every phone call became prohibitive.  VoIP was a great solution, making more efficient use of network resources and allowing an agent to actually use their broadband internet for both data and voice.  VoIP even offered the ability to compress that audio and thereby reduce the bandwidth needed for the call.  The normal non-compressed audio codec is called G.711 and the compressed audio codec is called G.729.  G.729 works very well, and I really cannot tell the difference between the two, most of the time.  However, they are different in one way that manifests itself clearly.  That one way is in how G.729 processes music as compared to G.711.  The phone network is not designed to pass high fidelity music, but that said, G.711 does an adequate job.  G.729 however, because it is trying to compress the audio,  often causes music to sound distorted.  As an example, music on hold will often sound broken and a bit garbled.  As soon as the music stops and you begin speaking – it is just fine.  So when a person is using a G.729 coder for their call, and they complain about music on hold sounding bad… that is, unfortunately a problem of 'works as designed'.  

Read

CSA Congress 2012

Share:

November 7 and 8th, 2012, Orlando Florida was again the host for the 2012 Cloud Security Alliance Congress.  The Cloud Security Alliance or CSA is a not for profit organization that seeks to promote best security practices to provide assurance for the Cloud. The CSA has been organized for a few years now and continues to grow. It’s involvement with organizations such as ISO, NIST, the European Union and others continue to grow.  In fact,  it held it's first ever EMEA Congress this year, and it has opened offices in Singapore.

Read

Black Hat USA 2012

Share:

This last week I was able to attend the Black Hat USA conference in Las Vegas.  As a matter of information, Black Hat is a premier security conference that occurs, not just in the USA, but globally as well, with annual events in Abu Dhabi, Barcelona, Las Vegas and Washington DC.  The term black hat or a black hat hacker refers to someone who violates computer security for maliciousness or personal gain.  The Black Hat conferences, correspondingly target the hacker community and focus heavily on computer security as it relates to hacking and exploits.   These conferences are attended by thousands of computer and security professionals, individuals, businesses and government agencies. (I spoke to people from the DOJ and Defense Department while I was there.)  All are there to learn what’s new in the world of hacking and cyber threats.

Read

I’m Not Paranoid, Just Cautious…

Share:

I am not paranoid, but I am cautious and concerned about the steady encroachment into our private lives, enabled in large part by the every growing and ubiquitous nature of our technology.  Maybe it is just me, but here are a few stories that demonstrate why each of us should be concerned about our digital trail.

Drones Over America

OnStar GPS Data Could Be for Sale

iPhone Tracks Users

Germany Declares Facebook ‘Like’  Button Illegal

Street Cameras Raise Privacy Alarms

Read

Cloud Maturity

Share:

The Cloud Security Alliance, in conjunction with ISACA will be initiating a new working group to perform research on what it means to have Market Maturity in the Cloud.  This is a very interesting subject for me. I have been working in the telecommunications and data industry now for over 25 years. During that time, I have observed in real terms the application of the phrase ‘ahead of its time’ and what that can mean to a nascent industry or technology. As an example, people are amazed to discover that the technology that would become the fax machine was first invented in 1843, in England by Alexander Bains (a psychologist). Yet it took almost 100 years for the fax machine to become the common business tool it is today. Some of the technological factors that influence the maturation of a product include communication, computing, fabrication, miniaturization and materials. Ultimately, one of the most critical factors is whether or not the technology exists to manufacture the product or perform the functions in a cost-effective fashion, and whether there is sufficient ubiquity of that technology to allow the masses to utilize it.  There are, however,  two other important elements, I believe, in the maturation of a product or service.  Are people psychologically disposed to using it and is there a legal and regulatory environment that describes its use? 

Read
1 2 3 8