VoiceLogix Data Security
VoiceLogix provides robust security measures to ensure a secure and reliable phone service to your business operation. As a cloud service provider, VoiceLogix offers several layers of built-in security. These include the physical, infrastructure, host, data, application, and business processes, as well as the enterprise level of your organization.
Customer account security is a shared responsibility between VoiceLogix and customers. Security is implemented via policies and governance practices (people), within the service development and operations processes (process), and the application and infrastructure layers (technology).
Transmission security
To prevent interception of your communications, VoiceLogix provides Transport Layer Security (TLS) and Secure Real-Time Transport Protocol (SRTP) encryption between all endpoints.
Infrastructure security
VoiceLogix offers the following infrastructure safeguards:
- Network and applications: firewalls and session border controllers
- Administrative functions: multiple authentication levels
- Technology: intrusion-detection systems and fraud analytics
- Operational functions: monitoring, system hardening, and vulnerability scans
Physical and environmental security
The VoiceLogix platform is deployed across SSAE 18 and ISO 27001-audited data centers, protected by the most robust electronic prevention systems, on-site engineering specialists, and security guards. The geographic diversity of our locations also minimizes the risk of data loss and service interruption due to catastrophe.
Proactive fraud mitigation
VoiceLogix prevents toll fraud through access control, detection controls, and usage throttling, and gives you granular control over who gets to make international calls and to where. VoiceLogix security department performs active monitoring to detect and notify customers of anomalous calling patterns on their account.
FINRA security controls
FINRA’s mission is to protect investors by making sure the United States securities industry operates fairly and honestly. To assist our FINRA-regulated customers, VoiceLogix has implemented the applicable cybersecurity requirements from SEC regulations. This means all VoiceLogix call recordings, call logs, fax exchanges, SMS, MMS, audio and web conferencing, and team messaging communications are in compliance with applicable SEC regulations.
Compliance
We regularly undergo independent verification of our security controls to protect our customers’ data and communications and to meet regulatory and compliance needs.
HIPAA compliance
The government does not offer a HIPAA certification for business entities. In order to meet the HIPAA security requirements as they apply to our service and operations, VoiceLogix has implemented the HIPAA security safeguards. We annually undergo a third-party audit, which includes an assessment of controls mapped to the HIPAA Security Rule requirements, that demonstrates the implementation of the security safeguards and requirements outlined in the HIPAA Security Rule. A copy of the most recent report is available upon request from your Account Manager or Sales Representative.
See VoiceLogix HIPAA Compliance for more information.
PCI DSS
VoiceLogix is PCI compliant as a merchant. VoiceLogix adheres to PCI standards related to payment processing of the customer payments made to VoiceLogix.
For the purposes of the PCI DSS, a “merchant” is defined as any entity that accepts payment cards bearing the logos of any of the five members of PCI SSC (American Express, Discover, JCB, MasterCard or Visa) as payment for goods and/or services.” (Source: www.pcisecuritystandards.org)