Security assessment and penetration testing
With cyber-attacks on the rise, it’s essential for service providers to take all possible steps to protect their offers. At Touch, we work constantly to ensure that all data has been secured and that we follow all relevant regulations. How do we protect your data?
All businesses are confronted with an ever-evolving threat of cyber-attacks. Constant vigilance is required to ensure that all possible measures have been taken to protect valuable assets and to keep your business running. This matters for stored data, as much as for real-time systems. So, because Touch Call Recording as a Service is both a real-time solution and one that holds and stores data for many years, providing the highest levels of security and protection are of the utmost importance.
At Touch, we take an active stance, running regular third-party security assessment and penetration testing programmes, to stress-test our service and systems. To achieve this, we employ independent, third-party experts, each with many years of international experience and relevant qualifications. We invest in experts as part of our commitment to our customers and to our data security obligations.
During the assessments, international best practices and methodologies are used. These ensure that we adhere to the strictest standards.
- Institute for Security and Open Methodologies - Open Source Security Testing Methodology Manual 3 (OSSTMM)
- NIST Technical Guide to Information Security Testing and Assessment (SP800-115)
- Open Web Application Security Project Testing Guide v4 (OWASP)
- Penetration Testing Execution Standard (PTES)
- Payment Card Industry (PCI) Data Security Standard (DSS) Guidance v3.2- PCI Information Supplement: Penetration Testing Guidance
- Federal Risk and Authorisation Management Program (FedRAMP): FedRAMP Penetration Test Guidance 2.0
We’ve recently completed a full cycle of security assessment and penetration testing, for which we achieved outstanding results, as we have done for every previous round. The OWASP Risk Rating Methodology defines three classes of vulnerabilities - Critical, Medium and Low. The Touch Call Recording Service assessment showed no vulnerabilities, in any category. This means your data is protected, your service is assured, and you can manage your business with confidence!
Click here if you If you would like to get in touch and learn more.