LIVE CHAT CLOUD SECURITY Everything you need to know about live chat and communicating with your customers securely



Similar documents
How To Secure Your Data Center From Hackers

Security Policy Revision Date: 23 April 2009

Access Your Cisco Smart Storage Remotely Via WebDAV

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

QUANTIFY INSTALLATION GUIDE

RemotelyAnywhere Getting Started Guide

EMR Link Server Interface Installation

PROTECTING DATA IN TRANSIT WITH ENCRYPTION IN M-FILES

S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s

SECURITY DOCUMENT. BetterTranslationTechnology

How do I Install and Configure MS Remote Desktop for the Haas Terminal Server on my Mac?

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

Understanding Sage CRM Cloud

Security Whitepaper: ivvy Products

Hosted Microsoft Exchange Client Setup & Guide Book

How do I Install and Configure MS Remote Desktop for the Haas Terminal Server on my Mac?

MadCap Software. Upgrading Guide. Pulse

Security Information & Policies

Okta/Dropbox Active Directory Integration Guide

SHC Client Remote Access User Guide for Citrix & F5 VPN Edge Client

How to Remotely Access the C&CDHB Network from a Personal Device

Copyright 2013, 3CX Ltd.

Training module 2 Installing VMware View

How To Set Up Dataprotect

Elluminate Live! Access Guide. Page 1 of 7

Repeater. BrowserStack Local. browserstack.com 1. BrowserStack Local makes a REST call using the user s access key to browserstack.

Security & Infra-Structure Overview

External Authentication with Windows 2012 R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

Installation Guide Version 3.0

Interact Intranet Version 7. Technical Requirements. August Interact

girlsdrivebetter.com is a trading style of Policywise Ltd, a limited liability company registered in England and Wales number

PC Monitor Enterprise Server. Setup Guide

Setup Corporate (Microsoft Exchange) . This tutorial will walk you through the steps of setting up your corporate account.

SCOPE OF SERVICE Hosted Cloud Storage Service: Scope of Service

Famly ApS: Overview of Security Processes

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Hosted Microsoft Exchange Client Setup & Guide Book

Elluminate Live! Access Guide. Page 1 of 7

Integrating LivePerson with Salesforce

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

How to configure your Desktop Computer and Mobile Devices post migrating to Microsoft Office 365

Xerox DocuShare Security Features. Security White Paper

FileCloud Security FAQ

dotmailer for Dynamics Frequently Asked Questions v 6,0

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL

App Orchestration 2.5

NovaBACKUP xsp Version 15.0 Upgrade Guide

Configuration Guide. BES12 Cloud

NEFSIS DEDICATED SERVER

Compliance Guide: PCI DSS

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

Cyber Essentials Questionnaire

SaaS Security for the Confirmit CustomerSat Software

Name Services (DNS): This is Quick rule will enable the Domain Name Services on the firewall.

Configuration Backup and Restore. Dgw v2.0 May 14,

Mobile Device Management Version 8. Last updated:

WhatsUp Gold v16.3 Installation and Configuration Guide

Useful Tips for Reducing the Risk of Unauthorized Access for Network Cameras Important

Security Policy JUNE 1, SalesNOW. Security Policy v v

DreamFactory on Microsoft SQL Azure

An Introduction to Cloud Computing Concepts

System Administration Training Guide. S100 Installation and Site Management

This guide provides all of the information necessary to connect to MoFo resources from outside of the office

BlackShield ID Agent for Remote Web Workplace

Configuration Guide BES12. Version 12.2

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Connecting With Lifesize Cloud

Citrix Receiver for Mobile Devices Troubleshooting Guide

Transition Networks White Paper. Network Security. Why Authentication Matters YOUR NETWORK. OUR CONNECTION.

Wowza Media Systems provides all the pieces in the streaming puzzle, from capture to delivery, taking the complexity out of streaming live events.

RMS Cloud - Setup Instructions for Windows Computers

Enterprise level security, the Huddle way.

How to configure Enterprise Cloud

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

Use of Exchange Mail and Diary Service Code of Practice

Shipping Services Files (SSF) Secure File Transmission Account Setup

TERMS AND CONDITIONS OF USE OF EPCOT CAREER SOLUTIONS LIMITED ULTIMATE CV BUILDER

APNS Certificate generating and installation

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Old National offers both Mobile Web and a Mobile App, so you can choose the best fit for your device type. Either solution enables you to:

ProjectManager.com Security White Paper

Installation Guide for Pulse on Windows Server 2008R2

Vodafone Hosted Services. Getting your . User guide

Configuration Guide BES12. Version 12.1

User Guide. Please visit the Helpdesk website for more information:

Using a Firewall General Configuration Guide

Integrating a Hitachi IP5000 Wireless IP Phone

Computer Networks. Secure Systems

activecho Driving Secure Enterprise File Sharing and Syncing

Australian Synchrotron, Storage Gateway

1 Outlook Web Access. 1.1 Outlook Web Access (OWA) Foundation IT Written approximately Dec 2010

Transcription:

LIVE CHAT CLOUD SECURITY Everything you need to know about live chat and communicating with your customers securely

LIVE CHAT CLOUD SECURITY Introduction Security is a top priority online it is vital that customers feel their information is safe for the internet to flourish as a marketplace and as a place to do business. WhosOn offers a secure, reliable and trusted service through which online businesses can safely communicate with their customers. To address the major risks that breaches in security can pose, WhosOn offers comprehensive security policies coupled with cutting edge and constantly evolving technology underpinning the security and reliability of our solutions. This white paper analyses the security challenges you face and how our approach to security addresses them. For simplicity, we focus on our Cloud Edition of WhosOn. However, we also offer an installable edition which is deployed on your server behind your firewalls and utilises your IT security systems. This offers obvious advantages, especially within highly regulated industries such as financial services, government and health. Visitor side security The main service that WhosOn provides is Live Chat. This provides tracking visitors of any web page which has had the tracking code embedded within it, as well as the chat sessions themselves between both the chat agents and visitors. How WhosOn secures all data WhosOn will collect and store data of visitors browsing your web pages. This data is collected and reported in the Web Analytics suite of WhosOn, and can determine which visitors should be engaged and which of your chat agents should engage with them. Data is transferred from the visitor s browser to WhosOn application servers using the protocol of the web page itself (HTTP or HTTPS). This means visitors don t need to download or open any particular ports in order to interact with your chat agents. When a visitor requests a chat, a secure connection is established between the visitor and the WhosOn application servers. Chats are secured over an initial 2048 bit RSA exchange followed by an exchange of a 128-bit session key, produced through an SSL V3 certificate. This uses a trusted public certificate authority to ensure the authenticity of the WhosOn application server. Requested connections are monitored and filtered by our firewalls, ensuring only valid requests will launch a chat session between the visitor and the WhosOn application servers. WhosOn has comprehensive security policies coupled with cutting edge and constantly evolving technology WhosOn chats are secured over an initial 2048 bit RSA exchange followed by an exchange of a 128-bit session key

2 Visitor enters site. WhosOn records data. Visitor requests Live Chat. Server authenticates request. Server sends request to chat agent. Chat agent receives request. All chats go back through application server & monitored by WhosOn firewalls. Once a chat request is received by the application server, a second request is immediately sent to an appropriate chat agent. Communication between the two parties then travels through the WhosOn application server where they can be monitored by our firewalls. A direct connection between the visitor and the chat agent is never made.

LIVE CHAT CLOUD SECURITY Chat agent security User management is fundamental to any security strategy. User authentication and user authorisation through access rights are vital tools to maintain security and are all available with the WhosOn Cloud product. WhosOn offers the user management and security features needed for a secure connection between chat agents and the WhosOn application server. Login policy Direct users of the WhosOn product are the chat agents and administrators. With WhosOn, you have the ability to setup user accounts for each person who may wish to use the system. Each account has a unique username and a password. You also have the ability to customise access rights and permission levels to match each particular user s business requirements; administrators can customize these at any time. WhosOn Mac Client There are several methods through which your chat agents can connect to the service. This includes through the desktop Client, Web Client and Apple iphone/ipad app Chat agent connectivity In order for your chat agents and other WhosOn users to make use of the WhosOn service, they need to connect to the WhosOn application Server. There are several methods through which your chat agents can connect to the service. This includes through the desktop Client, Web Client and Apple iphone/ipad app. Once connected to your preferred environment, all communications made between the chat agent and a visitor are handled by the WhosOn application server where the connection can be mediated by our firewalls. No direct connection between the chat agent and the visitor is made. Desktop client Chat agent to server security is done via an initial Public Key exchange of 2048 bits, followed by the exchange of a session key, this session key is unique per chat agent connection session. Web client & iphone/ipad app This is secured over an initial 2048 bit RSA exchange followed by an exchange of a 128 bit session key, produced through an SSL V3 certificate, using a trusted public certificate authority, ensuring the authenticity of the WhosOn application server.

4 Data is logically protected and segregated ensuring only authorised users will be able to access it. Confidentiality and availability As a Live Chat and web analytics software provider, WhosOn will collect visitor browsing information on your behalf. This includes IP address, browser type, referring page, pages visited plus many more useful statistics to help your business analysts identify how to improve your website experience. WhosOn can also store the chat transcripts between all visitors and your chat agents. In addition, WhosOn customers can setup and deploy highly configurable pre-chat and post-chat surveys. These can be used to gain key customer information, with you able to define what questions you ll like to ask your visitors. All the answers will be stored by WhosOn alongside each visitor s browsing history. Each WhosOn customer is assigned a unique Site ID. This Site ID is used with the access control mechanisms within the application and the database to prevent unauthorised access to your Chat and Visitor information. Although this data is stored on a shared database, it is logically protected and segregated in a way that ensures only authorised users can access it. With the dedicated server offering of the WhosOn Cloud Edition there is the possibility to have all data encrypted. This can be done after a consultation with our Technical Management Team. Your chat agents can connect to the service, through the desktop Client, Web Client and Apple iphone/ipad app

LIVE CHAT CLOUD SECURITY Cookies As with all web-based applications, WhosOn uses cookies to identify visitors and track their sessions on your website. WhosOn uses first-party cookies, meaning that the visitor s browser will recognise the cookie as belonging to your domain. WhosOn also gives you the ability to choose what type of cookie to use: persistent, session-only or no cookie. By default persistent cookies will be used. The advantage of this is that they allow you to recognise visitors across multiple sessions, so that you can see when someone has visited your site before, what they did and who they chatted to during that visit. Some organisations have policies that prohibit the use of persistent cookies, if this is the case, you can make use of session only cookies, where all the data about the visitor is removed once they leave your site, or use no cookies at all. Uptime Parker Software guarantees 99.9% uptime. We may need to close or restart the WhosOn service from time to time in order to apply application software, GEO-IP, operating system or security updates. The restarts are performed during off-peak hours whenever possible and are not included in the uptime guarantee.

6 WhosOn Code of Conduct and mandatory training ensure that all employees conduct themselves in a highly professional manner Infrastructure - data centres WhosOn uses data centres to house the physical location and security of our applications and database servers. These data centres are operated by recognised industry leaders, GoGrid for US based servers, based in San Francisco, California, USA, and Rackspace for UK based servers, based in Middlesex, UK. Physical and environmental security WhosOn data centres use advanced security equipment, techniques and procedures to prevent unauthorised access to its facilities. Most of the security methods utilised by the data centres are confidential, but some of the more visible methods include: Video and audio monitoring equipment including 24/7 on-site guards. State-of-the-art fire detection and suppression systems. Redundant power supply with UPS backups and on-site diesel generators. WhosOn HR security WhosOn employees are an essential component to the security and availability of the network, WhosOn application and customer data, reference and background checks are performed for every employee in compliance with applicable laws. WhosOn Code of Conduct and mandatory training ensure that all employees conduct themselves in a highly professional manner, particularly in regard to customer data.

UK: +44 (0)330 2231 032 US: (800) 680 7712 www.whoson.com sales@whoson.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information