Cloud Services Security Program Overview

This document is a technical report detailing ComputerTalk's Cloud Services Security Program. It outlines the security measures implemented to protect customer data in their North American contact center cloud services, which are hosted in data centers located in Toronto, Markham, and Chicago. The report describes the compliance with standards such as PCI DSS, SOC 2 Type 2, and ISO 27001:2013, which help minimize cybersecurity risks. It explains the formal control framework established, including security awareness training for employees, secure software development practices, and a robust change management process. The document also details the network security measures, such as segmented firewall architecture and data encryption protocols, to safeguard data both in transit and at rest. Additionally, it covers user access control, business continuity, disaster recovery strategies, and the security incident response program, ensuring a comprehensive approach to data security and risk management.