Five9 implements security best practices and strongly recommends our customers also implement applicable practices to mitigate the risk of security breaches, network intrusion, and data loss.
Implementing a formal security and privacy awareness program to ensure that all personnel understand applicable data protection laws, regulations, and industry standards, and are properly trained and knowledgeable about your security and privacy policies and procedures.
Installing and maintaining appropriate firewalls and intrusion prevention systems to defend against intrusions into network, systems, and data.
Installing and regularly updating anti-virus / anti-malware software on servers, workstations, and mobile devices used in your operating environment to mitigate the risk of attacks.
Regularly patching your operating systems, databases, and applications including web browsers to mitigate the risk of vulnerabilities.
Implementing trusted IP address ranges to restrict access to the Five9 Intelligent Cloud Contact Center. This will help mitigate the risk of unauthorized access from outside of pre-defined ranges.
We require all of our passwords within the Five9 Product Suite to meet the minimum standards to the NIST SP 800-53 rev5 framework.
Enforcing invalid login attempts to conform to applicable industry standards such as the Payment Card Industry Data Security Standard (PCI DSS).
Controlling permissions to enable each user to conform to the principle of least privilege (i.e., minimum necessary).
Promptly de-provisioning any terminated users and re-provisioning any users whose access or permissions requires changes.
Ensuring trust in voice communication by authenticating and digitally signing US domestic outbound calls made using Five9 Telephony.