Legacy Dev Forum Posts

Mark_Rynard | 2020-06-03 20:32:47 UTC | #1

Here is a list of questions from our customer that I need your help in answering:

For email coming into this service:

1. We use Microsoft and Agari email protections. Part of those protections include automated incident handling where either one of these two filtering products can go into a mailbox after an email has already been delivered and remove messages. If we were to forward email to this service we would lose that protection. That is obviously a major concern from a cyber perspective.
2. How is the data encrypted once it lands on this service? What encryption type and strength?
3. Is this data stored in the USA?
4. Does anyone outside of the USA have access to this data in any way?
5. Does this service provide any kind of Journaling?
6. Is this a shared multi-tenant type of service when it comes to email?
7. We continue to hear story after story of thieves stealing data from Amazon S3 buckets which have not been secured. How do you protect against that yourselves?
8. What kind of filtering protections will we have direct control over if we use this service?
9. What kind of protections can we put into place to prevent someone sending a message directly to that service and bypassing our existing email controls?
10. Do support technicians have access to any data flowing through this service?
11. How often do you patch your servers?

For email egressing this service:

1. Our domain is 100% DMARC compliant. Does this service support full DMARC compliance?
2. How will the messages be sent safely and fully encrypted to our customers from this service?
3. What kind of DLP controls will we have direct control over to prevent things such as Mass Volume of sensitive data from leaving.
4. Will replies to customers originate on our systems or will they be sent directly from this service?
5. How much (is there a gig limit?) and how long does this service store email data?
6. If we leave this service do you provide certificates of destruction for the data?

tim.smith | 2020-06-03 21:10:23 UTC | #2

The dev forum isn't an appropriate place for RFP discussions. Your Genesys Cloud account/partner manager should be able to assist you.

Mark_Rynard | 2020-06-03 21:22:20 UTC | #3

I had opened a ticket with PureCloud support, and they told me to post the questions to the Developer Forum.

MPR

Mark_Rynard | 2020-06-03 21:25:52 UTC | #4

I would also say that this is an implementation that went live, but their cyber-security consultant advised them to stop using the email piece until these could be answered.

MPR

system | 2020-07-04 21:25:53 UTC | #5

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.

This post was migrated from the old Developer Forum.

ref: 7960