Change Management
Changes are documented within our PSA system, and will include information such as impact assessment, roll back plans and detail of the change. These are peer reviewed and approved by those with the relevant system knowledge. Changes to platforms are posted on our status page (i.e. upgrades and fixes).
Data Storage & Backups
Details of third parties associated with the service can be found here
Backups are inherent to the EXC UC Cloud Service, they provide flexible, scalable and predictable protection.
Vulnerability & Patch Management
The external surface is scanned monthly, we use continual host-based scanning for internal vulnerabilities. Critical vulnerabilities to the ECX CX UCaaS environment, IPI will endeavour to patch or mitigate affected systems within 7 working days.
Data Deletion and Destruction
Data is deleted according to contractual agreements as stated in T&Cs.
Retention requirements are set by the Customers. ECX UCaaS provides tools to delete, redact, or pseudo-anonymize PII.
Pen Tests
CHECK accredited pen tests are performed annually. Findings are reviewed, tracked and addressed according to risk.
Architecture controls
Separation controls
All resources are shared as part of a multitenant environment with logical application separation.
Data is encrypted at rest, some data is even encrypted inside the database, like passwords, which means that no one at IPI can access it, even administrators with full permissions.
Firewalls
Elastic CX UCaaS uses Azure NSGs and application firewalls. Management of the firewalls is controlled using formal change control, with firewall reviews performed during vulnerability scans and upgrades.
Connection between client and cloud
All connections to browsers, mobile apps, and other components are secured via Hypertext Transfer Protocol Secure (HTTPS) and Transport Layer Security (TLS v1.2)
Connection between cloud and third parties
Transmission or exchange of Customer Data with Customer and any IP Integration vendors will be conducted using secure methods (e.g. TLS 1.2, HTTPS, SFTP).
Encryption
Encryption is used in transit uses TLS 1.2 + and encryption at rest is AES256.
Logging & Monitoring
Monitoring – Elastic CX UCaaS Platform performance, resource health and service status is proactively monitored with automatic alerting by support operation centre.
Logging – Elastic CX UCaaS Platform services are continually logged and are kept for IPI support purposes.
Access Control
Customers own Identity providers are supported allowing flexible options for setting up MFA and SSO. The customer is responsible for setting and managing their access controls. Password requirements are configurable by Customer for minimum length, minimum letters, minimum numerals, and minimum special characters.
IPI will use individual user accounts to access the platform. Strong passwords, MFA, session sign outs are enforced. IPI promptly disables accounts upon employee termination. User access rights are reviewed monthly.
Business Continuity
The Elastic CX UCaaS product is resilient by design using highly available, geo diverse architecture.
Page last updated on February 14th, 2024