White Papers Webinars Demos Case Studies and Videos  FAQs  Collateral

FAQs

<<Back to FAQs

Security, Privacy and Compliance

How secure is the Echopass service?

Completely secure, and validated by key clients of Echopass in the financial services industry that require the most stringent adherence to security requirements that are supported by periodic security audits. Our security infrastructure includes a three layer approach that addresses physical, logical and data security. Our extensive physical security measures include electronic ID badges, camera monitoring, restricted accessibility only by authorized personnel, and the physical segregation of platforms and databases between multiple redundant datacenters. Logical security includes advanced firewall systems, application hardening and 24 x 365 monitoring by network engineers utilizing state of the art solutions across the entire network infrastructure. Similarly, data security is tightly managed and is password protected and permission based with encryption for key data elements. 

Are Echopass data centers SAS70 certified?

Yes. Echopass is fully SAS70 certified for all operations within the company including our Network Operations Center and three datacenters in Salt Lake City Utah, Ashburn, Virginia and Irvine, California. In keeping with this certification, Echopass follows documented policies, processes and procedures for all IT activities. Change management, backup and recovery, computer and network operations, and security all have fully documented policies and procedures which are followed at all times. Echopass avoids human error by strictly following SAS70 policies and procedures.

Can Echopass support HIPAA compliancy?

Yes. Echopass clients in the Healthcare industry are HIPAA compliant through their use of Echopass.

Can Echopass support PCI/DSS compliancy?

Yes. Echopass meets the stringent requirements of companies who require industry-specific security compliance and works with our clients to ensure they remain PCI/DSS compliant in their operations. Since Echopass typically does not store sensitive credit card holder data or encrypts the data when stored, Echopass is able to help clients remain PCI/DSS compliance across their contact center applications.

How does Echopass protect Voice over IP traffic?

Echopass uses state of the art built-in encryption including Transport Layer Security (TLS), IP Security (IPSec), and Secure Real-Time Transfer Protocol (SRTP) for protecting Voice over IP traffic..

"Our first call resolution peaked at 95 percent. We've maintained that level since the Echopass service went live."

Jack Novielli
Sr. Vice President
The Provident Bank