By Joe Roche on August 29, 2018 in Communications & VoIP, Technology

Starting in Europe and extending to the rest of the world, GDPR has ushered in a new era for data security that enforces responsible and transparent data handling, storage and processing.

Blueface have operated an IP network since 2004 and as a result, data security has always been paramount in importance. Every industry will have to take a number of steps to become fully compliant, none more so than telecommunications companies, who handle mountains of sensitive customer correspondence daily.

From a consumer side, many are familiar with the modernised data legislation through workplace training or data-collection consent messages that now pepper websites. This has shifted primary focus to marketing aspects such as cookies, mailing lists, form collection etc.

While Blueface has taken these marketing measures to ensure our customers and prospective customers have a great website experience, we have also taken significant measures to protect our customer’s data as they join, use and leave our service.

Are VoIP Calls Secure?

Yes. Starting at a basic level, there is security between Blueface’s Core Network and end-point receivers. During installation, each endpoint receives a fully encrypted provisioning file, ensuring a private connection between devices and Blueface’s Core Network.

All IP-communication services provided by Blueface can be encrypted by both TLS (peers), SRTP (media) and additional security measures including real-time call reporting and AI Anti-fraud. Below are just some of the measures taken to secure your calls, media and devices.

TLS
Transport Layer Security keeps the internet connection between two points secure, for example, a user connecting to a website server. For Blueface, TLS encryption refers to real-time SIP signalling security.

SRTP
Secure Real-Time Protocol (SRTP) utilises Advanced Encryption Standard (AES) to protect the real-time protocol (media layer, such as voice calls) of your business phone system. In contrast to TLS, which secures the e-to-peer connections, SRTP affords the safe transit of real-time protocol by securing packets. SIP secures the peers, SRTP secures the media.

AI Anti-Fraud
Our phone system constantly checks and reports on malicious network behaviour, utilising a codex of learned knowledge to detect and solve problems faster. Not dissimilar from the immune system. Call pattern analysis is performed every minute on the customer’s account profiling behaviour based directly from billing information to immediately capture any anomalies.

Call and Heartbeat Reporting
Blueface Unified Communications is a self-monitoring system for both the platform and Blueface devices. Both Blueface and the business will be alerted when your service or devices are functioning improperly which enables quick issue resolution. Blueface UC is equipped with pass-through technology that authorises reporting on our secure system.

Where is Customer Data Stored?

All phone system data is securely stored in Ireland but international expansion requires international infrastructure. Our long-standing partnership with Equinix (formerly TeleCity) allows flexibility if, say a UK company needs calls stored locally, this can be accomplished through our wavelength fibre connections between our Global data centres.

For more information on compliance by data centre, please visit Equinix.com.

Mitigating Human Error

Since the introduction of GDPR in 2018, there have already been a number of prominent data breach cases in the telecommunications space that fall under human error.

Ultimately, even the most ultra-secure prison can be escaped if the front gate is left wide-open and the guards are watching Netflix. Diligence, responsibility and of course not-so-common sense are vital traits for a business – particularly a telco – to protect customer data.

Silvia Panerai | Blueface, Head of Customer Experience & Operations
Ultra-secure technology is only as secure as those who manage it. GDPR goes to great lengths to outline the necessary framework and Blueface immediately implemented data-protection protocols to ensure our internal processes matched these expectations. Including personnel certification, permissions, secure storage equipment (lockers, password protected payslips) and expansive operating procedures.

On top of Blueface-specific training prior to starting at Blueface, the entire Blueface Team is GDPR-certified. All new starters will be required to complete this training. Our extensive partner network is also trained in secure methods of surveying, installing and managing customer accounts.

Can I Change UC Portal Access?

Blueface has developed advanced permission levels to help our customers control access to different modules of the Unified Communications Portal. Administrators have full control to customise their system, users, features and hardware, while Regular Users can utilise many of the feature-rich UC Platform without making modifications.

All logins and changes are tracked from the Audit Logger in the platform.

Blueface has refined our internal permissions and created new, department-specific UC Portal roles to support secure account management and correct data visibility.

Learn More

Your privacy is essential and Blueface want our customers to understand the steps taken to secure data. Get in touch with us on +35315242000 to talk, securely, about our advanced privacy measures.

Need reassurance before you make your next call?

— TLS & SRTP Encryption
— Advanced Call Reporting and Heartbeat Monitoring
— Refined UC Permissions for Blueface and End-Users
— Blueface data is stored locally dependent on customers.
— All Blueface staff members are GDPR trained and certified
— Partner training is available.

Sign Up to the Blueface Newsletter