Technical Architecture Overview

Standard Deployment Model

With Verint’s standard deployment model, Verint provides services and applications within our public cloud. Verint takes on all aspects of running the environment. The secure connectivity between the customer’s network and Verint is delivered using Direct Connect or VPN.

Hybrid Deployment Model

The Hybrid Cloud deployment model is composed of Verint Da Vinci services, communication infrastructure, desktop devices, mobile devices (optional), archive storage (if relevant), and Identify Provider (IdP). The hybrid cloud deployment also includes on-premises recording servers and optionally speech transcription servers.

The Hybrid Cloud deployment requires connections between customer-provided infrastructure and Verint. It is the responsibility of both Verint and our customers to manage these connections. A customer must provide one or more of the connectivity options, according to the connection requirements:

• Transport Layer Security (TLS) connection is required for authentication and data integrity.
• Site-to-cloud VPN connection is required for most site to cloud connections, including transcription and interaction metadata.

No matter which of these deployment options you choose, you benefit from an open, reliable, scalable, and secure architecture.

Businesses depend on our applications, so reliability and system availability are key to day-to-day operations. Our security is built into our systems, not bolted on — Verint innovations are designed to handle both routine interruptions and unplanned failures of components and infrastructure.

We leverage technologies such as high availability and cross-data center redundancy, as well as maintain and test disaster recovery and business continuity plans. Verint helps to ensure:

• A 99.95% platform availability target (excluding planned maintenance).

Verint adheres to industry standard incident management processes to respond to an unplanned event, service interruption, or security event. Incidents are assigned a severity level based on the impact an incident has on the business and escalated following our standard response process.

Verint maintains an industry-leading security practice and follows guidelines set forth by Payment Card Industry Security Standards Council (PCI SSC) standards, General Data Protection Regulation (GDPR), System and Organizational Controls (SOC2), and Health Insurance Portability and Accountability Act (HIPAA). Our security practice governs assets and data within our control and operating environments.

Verint is committed to protecting our customers’ information. We have implemented and will maintain appropriate technical and organizational measures intended to protect personal data against accidental, unauthorized, or unlawful access, disclosure, alteration, loss, or destruction. Our security practice governs assets and data within our control, as well as operating environments.

World-class operations require world-class security, and security is the foundation of Verint Engagement Platform. Our Chief Information Security Office (CISO) touches every facet of cloud operations and governance.

Verint performs monthly vulnerability scans via a third-party, PCI SSC approved scanning vendor. The internal and external scans produce a list of vulnerabilities, which includes categorization into “high-risk” as defined by PCI Data Security Standard (PCI DSS) requirements. Scans are required to pass the standards set by the Approved Scanning Vendor (ASV) Program Guide. If a check fails, a re-check will be required after the noted vulnerabilities are addressed.

CISO ensures compliance with various industry standards, manages threats, and provides security oversight, governance, and assurance. We take care of your security so you can focus on your business.

Verint is committed to the security of our customers’ data. That is why all changes within Verint Customer Engagement Platform are reviewed, logged, and approved by a change control board prior to implementation and adhere to the following industry standards:

Advanced Encryption Standards

• Payment Card Industry (PCI) standards
• General Data Protection Regulation (GDPR)

Advanced Encryption Standards (AES)

• Recordings are encrypted by AES 256
• Database is encrypted by AES 256
• Data in transit is encrypted by TLS 1.2 or greater

The Verint CISO oversees and governs security, including managing the incident process. Verint is committed to securing your platform, your access, and your data.

Secure the Platform
Verint provides 24/7 monitoring and SLA uptime commitments for solution availability and data.

Secure Access
Verint tests the system regularly to ensure optimal performance and a secure platform at every layer. We use industry-leading, end-to-end encryption across all platform components.

Secure Data
We use industry-leading, end-to-end encryption across all platform components.

Data security is not only the responsibility of Verint, but also the responsibility of our customers and partners who access or use our systems

Managing your company’s network access is vital to security and your peace of mind. Access to data can and should be granted on a need-to-know basis. Verint follows a role-based access control (RBAC) standard, which includes identification, authentication, authorization, and auditing. Access to the cloud is granted by following the principle of least privilege (POLP).

With Verint, you have RBAC and POLP controls in place to restrict network access, data, and storage privileges based on the roles of individual users within your company. We provide you with the ability to grant employees access to only information they need to do their jobs and prevent them from accessing information that does not pertain to them. Organizational assignments are a customer-defined hierarchy to allow the segmentation of interaction data within your company’s departments and business units.

Our API management and authorization begins with the Verint API Gateway — this gateway grants you access to cloud platform APIs in one place and allows you to:

• Throttle to control traffic and help ensure systems are not overwhelmed.
• Modernize for consistent modern APIs to replace antiquated SOAP and database APIs.
• Secure and access controls through Verint Identity Service integration for access control enforcement.

The Verint Identity capability provides a unified identity experience for integration. The unified Verint experience supports your user provisioning and single sign-on for Verint Cloud products and resources.

Authentication of users is achieved in one of three ways:

• Security Assertion Mark-up Language (SAML) 2.0 integration with a customer-supplied identity provider (IdP), using either SP-initiated or IdP-initiated authentication flows.
• OpenID Connect (OIDC) when a third party controls the authentication and passes Verint a token to confirm authentication has taken place. This method is leveraged exclusively for WFM-related mobile iOS and Android applications.
• Users provide username and password at the time of login. The authentication information is securely managed and stored within a Verint native authentication provider.

The Verint Customer Engagement Platform is built around native cloud capabilities, such as containers and microservices, and enables developers to rapidly innovate. Applications are engineered in cloud-native code to allow for easy integration via developer friendly open application programming interfaces (OASs). Verint offers an extensive library of APIs, including APIs for common use cases, including:

• Provisioning new and existing users.
• Enriching interactions during the time of live calls, including implementing PCI compliance, and enriching interactions after they complete.
• Exporting enriched interactions.
• Retrieving adherence data for employees in the Verint Workforce Management application.
• Adding, updating, and retrieving schedules for employees in Verint Workforce Management.
• Transcribing audio files with Verint Da Vinci Speech Transcription API Service, without the hassle of installing and managing transcription servers and software.
• Managing and retrieving performance management KPIs.

Verint Customer Engagement Platform customers may access Verint Developer Portal to discover APIs and use cases.

Migrations into the cloud are a balance between the amount of data you move and the time/cost of resources. Verint offers several ways to accomplish this while offering the best fit for you. We support a full-scope implementation of Verint applications, or you may choose specific services to complement your development team or third-party service provider.

During your move to the cloud, we partner with you to determine the right deployment structure and support implementation processes that meet your company’s business goals, resources, and timeline.

Standardized implementation steps consist of:

1. Provisioning
2. Configuration
3. Integration
4. Migration, Dry run
5. User acceptance testing

After the user acceptance testing is complete, a hard cut-over is initiated, and a go-live date is scheduled. We help provide a seamless process for transferring your final legacy database, redirecting desktop components, and providing your users access to the cloud interface.

Often, our customers have a significant volume of business data they need to retain and migrate during a move to the cloud. Verint offers several approaches, depending on the volume and type of data you need to migrate:

Complete Migration: Move existing data from an existing customer-managed environment deployment to the cloud via secure internet or a secure encrypted physical device.

Selective Data Migration: Use the Export feature in your legacy Verint installation to export specific data, ready for importing to Verint.

Verint Compliance Archive Call Migration: Uploaded historic recordings are tagged with metadata to the cloud so they can be easily searched, and recordings can be accessed by a web interface. Only your calls will be moved to the cloud and be accessible via a simple playback system.

Our goal is to make migration as fast and economical as possible while moving required data to the cloud. Migration options and data extract requirements are outlined in detail within the Verint Developer Portal and supporting API documentation.

We take the security of backups and stored data very seriously to maintain the highest security standards. Verint SaaS applications are deployed onto one of the three major cloud providers and leverage zones to run across multiple, physically isolated data centers within a single region. The applications run simultaneously across these zones, with high-bandwidth, low-latency connections on the provider network, allowing components to communicate with each other.

Customer data is stored inside the region in which Verint has deployed your services. For example, should you be hosted from the United States, your user data, screen recordings, media, screen capture, etc. (along with all associated backups) will remain in country. The service can also be deployed using our Hybrid Cloud deployment model, so audio and screen recordings are kept at your telephony site location. Verint customers are logically segregated from other customers.

All cloud deployments are built, at a minimum, using two redundant zones. The level of redundancy is up to you, and you may create many physical connections to meet resiliency requirements. Verint is carrier-agnostic, and we recommend customers to work with their carriers of choice to design a resilient connection to the cloud.

Successful cloud integration and management requires more than just technology— it requires expertise and support every step of the way. Our Verint consulting teams offer guidance on best practices, technical assistance and support, and recommendations to help optimize your cloud platform experience.

Our specialists will guide you through Verint Connect to gain access to daily tools, including the Verint Idea and Support portals. We offer extensive training, documentation, and discussions within one community. In addition to our 24 x 7 x 365 support plans, Verint offers a variety of services and resources to help you and your company get started in the cloud and achieve continued success.

Implementation: Dedicated professional services are available to support a full-scope implementation of Verint applications, or you may choose specific services to complement your own team resources or third-party service provider.

Starter Packages: Starter packages are available to new Verint Customer Engagement Platform customers and are designed to scale based on configuration. A starter package provides a predefined scope and a set price for your company’s design. Packages include:

• Project management and initiation session
• Application design workshop
• Technical design workshop
• Verint Academy Self-Paced Learning
• Configuration of the product

Training: From business fundamentals to technical training, private workshops, or self-paced training, we offer helpful educational courses. Our comprehensive, flexible learning center gives you the opportunity to successfully develop new skills and build on existing ones.

Verint cloud customers may access a full range of eLearning and instructor-led courses via the learning center on Verint Connect.

Verint also offers AdviceLine, packaged virtual sessions with one of our trainers or consultants to address your questions or get the right assistance.

Business Consulting and Analytics Services: For some Verint applications, our consulting team can help you get the most out of your cloud investment. We analyze collected data within your contracted Verint applications, provide report trends, compare results to industry standards, and then offer actionable recommendations.

Usability services allow us to analyze your digital footprint, compare results against industry best practices and offer insights for improvement.