IS YOUR GENESYS ENVIRONMENT SUSCEPTIBLE TO THREATS AND VULNERABILITIES? Organizations today are vulnerable to intruders or malicious users gaining access to their customers’ sensitive information. To protect this data, organizations must start by defining, and then measuring, the associated business risks of these threats. Based on this understanding, they can then protect their assets through informed decisions that are aligned to business objectives. SecureCX – Where Genesys CX Expertise Meets InfoSec Expertise SecureCX: Risk Assessment Online Business Systems provides the unique combination of extensive Genesys CX and Security consulting expertise. Our SecureCX Risk Assessment service enables organizations to identity threats and vulnerabilities that can potentially impact their business, and to analyze controls that reduce risk. We work closely with our clients to define and locate critical information and assets. This is followed by determining associated threats, vulnerabilities, risks, and potential attack vectors to build out a matrix which includes potential impact, costs, and probabilities. The end result is a strategy to address any pertinent risks. Our Approach Our SecureCX Risk Assessment methodology is based upon well-established information security standards (ISO 27001, NIST 800-53 r4, PCI, and HIPAA) and encompasses reviews of the following elements: • Data classification: Determines what data within your Genesys ecosystem is considered to be sensitive. This may include Personally Identifiable Information (such as social security numbers, Driver’s License numbers, checking account information, or credit card information), health records, trade secrets, company financial information, and customer/client information. • Data mapping: Maps data flows of the sensitive information (e.g., systems that store, process, or transmit this information), including communication protocols and repositories. • System configuration: Ensures that the systems that house Genesys are secure (current patch levels, hardened, no default credentials, no unnecessary services running). • Review of communication protocols: Ensures that sensitive data in transit is protected through the use of secure protocols and associated encryption. • Network architecture: Ensures that network architecture protects your Genesys installation from unauthorized networks/devices. • Data repository: Ensures that repositories containing sensitive data are adequately protected, including data retention processes and encryption. • Access control: Ensures that access to sensitive data is restricted to a “need to know” basis, with access rights based on least privilege. • Logging and monitoring: Ensures that mechanisms are in place to alert you to anomalous events and to provide forensics information if required. ABOUT ONLINE BUSINESS SYSTEMS Founded in 1986, Online is a leading North American business and IT solutions provider. We focus on ensuring our clients’ success through our services, which range from strategy to implementation to ongoing support. For more information, visit www.obsglobal.com. CONTACT [email protected] 801.201.5185