MyGenie Safety Measures

  • Follows recommendations established by security standards ISO 27001/27002, PCI/DSS and the OWASP security project
  • Customers’ data is partitioned to ensure that it cannot be accessed by other clients or unauthorized persons
  • Uses a combination of various security tokens
  • Web interface is fully encrypted with the latest TLS version supporting Forward Secrecy
  • All data is encrypted during transmissions between the client and the server
  • All passwords are encrypted by an advanced one-way algorithm. Passwords are never stored for internal purposes
  • All phone calls made through the WebRTC protocol are automatically encrypted and those made through the SIP protocol can be encrypted by TLS
  • All data sent via the Call Center Software REST API is encrypted (TLS / SSL)
    • API access is restricted to authorized users with a login and secure API tokens
  • Audit Log allows us to see who has accessed our data
    • We will be able to find out for ourselves who, when and with what data in Call Center Software accessed and in case of suspicion to solve the matter
  • Genies cannot pause call recording
  • Genies can only access recorded calls that they are assigned to (cannot listen to other calls from other Genies)
  • Genies cannot download call recordings
  • Only logged in users will have access to communication options to Genies (the call and text buttons are hidden from logged-out users)
  • Block calls from/to specific countries option
  • Call Center Software solely uses secured data centers – Amazon AWS in 9 globally distributed data centers with accessibility of min. 99.993%.
    • High level of security all over the world
    • Use multi-level biometrics and other security safeguards to restrict physical access only for authorized persons
    • The full redundancy of these data centers ensures that the data is safe even in the event of system failure or a disaster
  • Rescue employs the same security levels used and trusted by major banking institutions with TLS 1.2 transport security and AES-256-bit encryption
  • Two-step verification login (via Last Pass Authenticator) for all admins and Genies
  • IP address access restriction
  • Requiring the highest level of password strength
    • Passwords forced to change every 90 days
  • Automatic forced screen recording
  • Genies cannot turn off recording
    • Genies cannot choose or change the location of recordings
      • Data is stored on our private server
      • Data is transferred via HTTPS
    • Genies cannot screen capture their customer’s screen
  • Meta data is automatically recorded for each remote session
  • Permissions are locked by Master Admin (cannot be changed by Admins or Techs)
  • All our Genies:
    • Sign a NDA (Non-disclosure agreement)
    • Have criminal background checks completed
  • Have all their calls recorded and securely stored
  • Have all their remote sessions recorded and securely stored
  • Are advised that they are legally responsible for any malicious intent, and we will fully cooperate with legal authorities
  • Cannot access any of the stored recordings
  • Cannot pause or disable recordings
  • Are monitored at any given time without their knowledge