Cloud Security & Compliance
Your business runs on trust, that’s why it runs on TCN
Trust is the foundation of any successful relationship. At TCN, we earn the trust of our customers every day by delivering a platform built on availability, integrity and confidentiality.Security Overview
We’ve got you covered
Compliance and privacy are essential to protecting your data and building trust. TCN is a proven leader that annually powers billions of interactions and customer experiences.
Trusted by thousands of contact centers around the globe, orchestrating billions of interactions a year.
TCN is wherever you are with data centers deployed in regions around the world.
Certified & audited
Verified by third-party certifications to help your call center with its operational objectives.
A secure and connected network
TCN has partnered with Google to deliver its award-winning cloud-based platform. TCN’s Operator platform is fully containerized, encrypted and hosted in the Google Cloud Platform (GCP), utilizing the Google Kubernetes Engine (GKE). Google’s data centers are state-of-the-art, tier-5 facilities with full redundancy, backup and contingency regions.
TCN operates throughout seven fully independent GCP data centers in the US, Canada, United Kingdom, European Union (EU), Australia and India to serve our customers better.
TCN follows the strict standards for data sovereignty under the GDPR. Any information collected or stored in the UK or EU will remain in the respective country or region and on servers in accordance with the GCP terms of service.
Learn more about Google’s platform terms
Global infrastructure that focuses on security, compliance, and privacy
Teams across the globe trust Google Cloud’s facilities to power everyday communications, including the thousands of call centers using TCN Operator. These Google data centers are the same centers used to deliver its infrastructure and security services worldwide.
TCN Product Challenger — Contact Center as a Service
“TCN’s cloud-based delivery model allows clients to easily scale and adjust to evolving business needs. TCN has significant scope for growth and expansion both horizontally and in the industry verticals in the regions it covers.” Kenn Walters – ISG Lead AnalystDownload ISG Report
Best-in-class security engineered for you
Our adherence to local, federal and global regulations speaks to our commitment to compliance with our product, attestations and third-party audits.
Compliance • Infrastructure • Data Security • Product Security
Organizational Security • Incident Response • Business Continuity
Privacy & Reliability • Availability & Reliability
Global compliance standards
PCI • SOC2 • HIPAA • ISO 27001
Compliance solutions that give your organization confidence
TCN’s Operator platform simplifies compliance while minimizing risk through automation and easy-to-build workflows. Additional features build on federal and international compliance rules such as TCPA, OFCOM, Regulation F and other regulations, ensuring the right data is in the right place and with the right agent at the right time.
Learn more about Compliance and Data Management and specific call center laws and regulations.
Automatic platform updates
The TCN platform undergoes rigorous development and testing and is part of our commitment to our customers. New features and updates are conducted regularly and are available for immediate use.
Frequently Asked Questions
Where are TCN’s services hosted?
TCN has partnered with Google Cloud (GCP) to deliver its award-winning cloud-based platform through seven data centers located around the world. TCN’s Operator is fully containerized and encrypted. Google protects all information, identities, applications and devices using the same built-in protections and global network that they use themselves.
Does TCN have a SOC 2 report?
Yes, TCN has a SOC 2 report attesting to our commitment to meeting rigorous Trust Services Criteria (TSC) established by the American Institute of Certified Public Accountants (AICPA). TCN’s SOC 2 report is available under NDA. To request a copy of TCN’s SOC 2 audit report, please contact your account manager, email us at firstname.lastname@example.org or call 866-745-1900.
Is TCN compliant with the Payment Card Industry Data Security Standard (PCI)?
Yes. TCN is audited annually by a third-party Qualified Security Assessor (QSA). TCN protects and maintains cardholder data through encryption, truncation, and masking; and is always encrypted on transmission.
Is TCN ISO 27001 certified?
Is TCN HIPAA compliant?
Yes. TCN performs an annual third-party Health Insurance Portability & Accountability Act (HIPAA) compliance assessment. HIPAA is a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI). HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).
Does TCN Operator allow organizations to be GDPR compliant?
Yes, TCN is currently GDPR compliant and follows strict data residency standards. All data that pertains to the EU or UK stays in the designated region. As a personal data processor for many of our customers, you can resolve requests by logging into TCN Operator and processing any necessary action.
Typical actions taken under GDPR:
- Delete Contact: “Right to be forgotten”
- Delete Call Recordings
- Access to Recordings
- Audit Log: “Right of Access”
- Exporting Your Customer Data: “Right of Portability”
- Remove Data From Integrations
Our goal is to provide our customers with secure and reliable services.
What is OFCOM, and how can TCN help?
The OFCOM regulations have been around for a long time and have undergone numerous iterations and changes. The most relevant rules and regulations that TCN Operator handles are the following:
- Drop rate target
- Rotating CLI
- Two-second Rule
- Fifteen-second Minimum Ring Time
- 72-hour Rule
- Tracking Opt-outs and Opt-ins
- Display Numbers and Calling Back
- Hang-up Messages
- Maximum attempts to a user
- Answer machine detection
How does TCN encrypt data?
By default, all data is encrypted at rest and in transit. Additionally, call recording data is encrypted at the file level.
|File Level||Recordings||AES256 using Golang AEAD and GCM cipher modes|
|At Rest (Disk)||All||AES256 encrypted using the Tink cryptographic library with the FIPS 140-2 validated module BoringCrypto|
|Transmission||All||Transport Layer Security (TLS) version 1.2 and 1.3 (preferred)|
|Authentication||Password||Bcrypt Hash & Salt|
Can I control & restrict access to TCN Operator by IP address?
Yes. Within TCN’s Operator admin portal, you can set permissions or restrictions based on users, locations, and even IP addresses. This extra layer of security makes sure your account is secure and only accessible to individuals and locations you choose.
Can I back up my recordings or other data?
How does TCN ensure my data is safe and data from TCN?
TCN’s commitment to security and compliance is its priority and is an integral part of our compliance and certification auditing. TCN performs regular vulnerability tests through internal and third-party auditors as part of our regular security and compliance activities. In addition, all TCN staff undergo yearly compliance and security awareness training.