Security is and has always been embedded in, and fundamental to, every Genesys cloud solution. In fact, our security and operational controls are based on industry standard practices and certified to meet PCI-DSS, ISO 27001, SOC 2 Type 2 and HIPAA compliance (to name just a few).
The latest example of our ongoing commitment to protecting our customers data in the most transparent way possible is our worldwide compliance with the new European Union (EU) General Data Protection Regulation (GDPR), which took effect last week. While GDPR applies to any organization that has an EU customer or EU interaction with anyone living in a European country, we have gone above and beyond to ensure these consumer data privacy standards apply globally across all our offers, including PureEngage™, PureConnect™ and PureCloud®.
The point is this: at Genesys, we’re always focused on making sure our customers know their data is safe and secure. That’s why we take every opportunity to continue building upon our rich set of compliance certifications. And now, we’re working toward achieving authorization in the Federal Risk and Authorization Management Program (FedRAMP) for our PureConnect and PureEngage offers.
A Closer Look at FedRAMP
A U.S. government-wide program, FedRAMP provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. FedRAMP was created to enable federal and state government agencies the ability to assess the security capabilities of cloud solutions quickly, rigorously and consistently. The primary goal of the program is to protect U.S. citizen data hosted in the cloud.
While the FedRAMP process is lengthy, we’re already well on our way. In fact, we’re actively engaged with an accredited Third-Party Assessment Organization (3PAO), which is an independent entity that will perform initial and periodic security assessments of PureConnect and PureEngage. In addition, we’re working with existing federal government customers to assist our teams in achieving FedRAMP authorization by mid-2019.
Extending the Benefits of FedRAMP to the Private Sector
Federal and state agencies have unique — and legally mandated — security requirements that they must meet. The goal of FedRAMP is to help government entities determine whether the cloud services they want to use meet those standards. FedRAMP certification offers several benefits, including significant savings in cost, time and resources, risk-based security management, and enhanced security.
While the FedRAMP standards were created to ensure cloud service providers and applications could appropriately protect federal data, we believe achieving this important authorization will also benefit organizations in the private sector. Once achieved, the certification will give them one more level of assurance that their data is in good hands with Genesys. In particular, businesses that have higher security protocols such as those in the financial services, healthcare and telecommunications industries.
The Gold Standard
Headlines are published daily about companies failing at data security all over the world. The threat of breaches, hacks and cyber-attacks is very real for companies large and small, regulated or not. Our customers trust us to keep their data secure – and every day we will work to continue to earn this trust in every way possible.
Pursuing the FedRAMP certification reinforces this steadfast commitment. We see achieving this authorization as an important milestone for Genesys. That’s why we’ve assigned dedicated resources to work toward this goal. For our customers, the FedRAMP certification process ensures that Genesys software and cloud operational procedures have been fully vetted and assessed to achieve the gold standard of data security. Once achieved, our customers will have yet another proof point that security is our top priority.
I look forward to updating you on our progress.