Virtual Observer Data Defender ensures the security of valuable customer data and helps meet PCI and HIPAA compliance
Coordinated Systems, Inc. (CSI), of East Hartford, CT, is pleased to introduce Virtual Observer Data Defender, a feature suite which ensures the security of valuable customer data and helps meet PCI and HIPAA compliance.
CSI, the first call recording vendor to meet Payment Card Industry (PCI) Compliance, has expanded the Virtual Observer platform to remove credit card transactions from recorded audio and screen captures. Expanded security features such as our exclusive “Lights Out” data protection functionality clearly places the solution in a leader position when it comes to PCI, HIPAA, and overall call recording security.
“This capability proves we continue to pave the way for new PCI Compliance features even though they may not yet be part of the compliance specification,” said Dan McGrail, Vice President of Product Development.
Today, the standard states a single transaction need not be encrypted.
“This has allowed vendors to focus only on mass storage using encryption technologies, auditing capabilities and the like, and not necessarily worry about a single call during playback or review, added McGrail. “We all know that a new compliance specification is coming soon, so vendors are trying to predict what will be next. We like to believe we are ahead of the curve and have taken single transactions seriously.”
“It’s important for organizations to maintain a level of trust. We have to be able to ensure the security of private and confidential data, including credit card numbers, social security numbers, passwords, pins and other information,” McGrail said.
Virtual Observer’s Data Defender module helps to maintain that level of trust and contains many vital security features, including:
- Single Transaction Security: CSI believes that protection for all starts with protection for one
- “Lights Out” functionality: The application controls playback and review based on tight restrictions applied by users and profiles. However, playback is indeed a necessity and therefore users will have access to sensitive card holder data. To reduce this exposure, Virtual Observer engineers developed a “Lights Out” feature for recorded audio and media which detects the start and stop of a credit card transaction and mutes the audio as well as wiping out the screen images during the life of the credit card process.
- Encrypted Media: All recordings and screen captures are encrypted to 256-Bit Advanced Encryption Standards, thus both on-line and archive mass data storage are protected.
- Application and Data Security: Every menu, program and button within Virtual Observer is controlled at the user level. Administrators pick-and-choose which users have access to specific features of the application based on users and groups. In addition to program security, data security allows administrators to build secure filters that reduce the data a user is allowed to access and see, such as by department, call type, skill, VND, DNIS, agent. Etc…
- Program and Data Auditing: Virtual Observer provides a breadcrumb or paper trail detailing every action a user takes and every piece of data they review, add, edit or delete. This auditing trail allows administrators to determine a complete user history in regards to program usage and data access.
- Network Security: Access to the Virtual Observer application is controlled at the user level within the application itself, and at the network level using tight integrations to Active Directory (AD), Group Policies Objects (GPO) and Secure Socket Layers (SSL).
- These features are designed not only for PCI Compliance and HIPAA compliance but also for true enterprise-caliber granular security.
Many companies already have technology which masks all but the last four digits of a credit card number. Those companies which do not currently have this ability can rest assured Virtual Observer Data Defender can mask their valuable customer data for them. CSI continues to remain on the forefront of PCI and HIPAA compliance and the sensitive nature of card holder data.