Verint Cloud Security and Compliance
Sustain a proactive cloud security posture with Verint’s Chief Information Security Office (CISO). Protect your cloud-based assets, monitor potential threats to operations and respond to incidents, as needed.
Verint’s CISO: Your Cloud Security Partner
World-class operations require world-class security, and security is the foundation of Verint’s Cloud platform. Our Chief Information Security Office (CISO) touches every facet of cloud operations and governance.
CISO ensures compliance with various industry standards, manages threats, and provides security oversight, governance, and assurance. We take care of your security so you can focus on your business.
CISO Security, Encryption and Access
Verint is committed to the security of our customers’ data. That’s why all changes to the Verint Cloud are reviewed and approved by a change control board prior to implementation and adhere to the following industry standards:
- Advanced Encryption Standards
- Payment Card Industry (PCI) standards
- General Data Protection Regulation (GDPR)
Advanced Encryption Standards (AES):
- Recordings are encrypted by AES 256 or better
- Database is encrypted by AES 256 or better
- Data in transit is encrypted by TLS 1.2 or better with SSL on HTTPS
Verint’s Commitment to Industry Standards: PCI DSS, GDPR
Verint maintains an industry-leading security practice that follows guidelines set forth by PCI, GDPR, ISO, SOC2, and HIPAA. Our security practice governs assets and data within our control and operating environments.
Verint is committed to protecting all of our customers’ information. We have implemented and will maintain appropriate technical and organizational measures intended to protect personal data against accidental, unauthorized or unlawful access, disclosure, alteration, loss, or destruction. Our security practice governs assets and data within our control, as well as operating environments.
Compliance: PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
Verint’s Workforce Optimization (WFO) SaaS network security is governed by strict Payment Card Industry (PCI) standards. This means multiple levels of firewalls, IDS detection systems, segmentation both physical and virtual, in addition to our 24/7 monitoring of the environment and regular vulnerably scans.
Compliance: GDPR
The European Union’s (EU) new General Data Protection Regulation (GDPR) regulates personal data processing for all individual citizens of the EU and the European Economic Area (EEA). The regulation contains provisions and requirements pertaining to the processing of personal data of individuals inside the EEA, and applies to any enterprise established in the EEA or any enterprise — regardless of its location and the data subjects’ citizenship — that is processing the personal information of data subjects inside the EEA.
Verint abides by the requirements of the EEA and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of personal data from the EEA and Switzerland. We ensure that transfers of personal data to a third country or an international organization are subject to appropriate safeguards as described in Article 46 of the GDPR and that such transfer and safeguards are documented according to Article 30(2) of the GDPR.
How the CISO Helps You
The Verint CISO oversees and governs security, including managing the incident process. Verint is committed to securing your platform, your access, and your data.
Secure the Platform
Verint provides 24/7 monitoring and SLA uptime commitments for solution availability, data, and security.
Secure Access
Verint tests the system regularly to ensure optimal performance and a secure platform at every layer. We use industry-leading, end-to-end encryption across all platform components
Secure Data
We use industry-leading, end-to-end encryption across all platform components.
Key CISO Security Highlights
Having a trusted partner for your cloud security is critical. Our security framework is based on industry-leading standards, with highlights including:
- Highly compliant data center facilities, operational procedures, and controls
- Two-factor authentication with access control
- Vulnerability testing
- Logging and threat analysis system that is continuously updated
- Centralized and protected logging and threat analysis system
Verint’s CISO team, our innovations, and the proven results of our customers all contribute to Verint being named one of the top customer engagement software firms in the world.
Now available to Verint customers: GRX report for third-party due diligence
Verint works continuously to ensure that our customers can place their trust in the security of our cloud platform, and we are pleased to announce that they can now request access to the Verint GRX report, a resource that will help them perform effective third-party due diligence more easily and effectively.
The GRX report—based on an annual assessment that’s validated by independent ProcessUnity Global Risk Exchange (GRX) partners—is especially useful for regulated sectors, such as financial services and healthcare, whose third-party due diligence is held to high standards by regulators and auditors.
Unlike outdated assessment methods that rely on static spreadsheets, the Global Risk Exchange is dynamic and is updated as the risk level of cloud-service providers changes and as Verint updates its security measures. The report analyzes Verint’s responses against the Global Risk Exchange’s analytics, threat intelligence, and risk models to provide a clear view of Verint’s cloud security measures.
To further decrease our customers’ third-party due diligence burden, Verint customers can use the ProcessUnity Framework Mapper to map Verint assessment controls and responses to industry standards and frameworks such as NIST 800-53, PCI DSS and SOC 2.
Verint customers can access the Verint GRX report, free of cost, by completing the access request form on the CyberGRX page.