IS YOUR GENESYS ENVIRONMENT SUSCEPTIBLE TO THREATS AND VULNERABILITIES?

Organizations today are vulnerable to intruders or malicious users gaining access to

their customers’ sensitive information. To protect this data, organizations must start by

defining, and then measuring, the associated business risks of these threats. Based on

this understanding, they can then protect their assets through informed decisions that are

aligned to business objectives.

SecureCX – Where Genesys CX Expertise Meets InfoSec Expertise

SecureCX: Risk Assessment

Online Business Systems provides the unique combination of extensive Genesys CX and

Security consulting expertise. Our SecureCX Risk Assessment service enables organizations

to identity threats and vulnerabilities that can potentially impact their business, and to

analyze controls that reduce risk.

We work closely with our clients to define and locate critical information and assets. This

is followed by determining associated threats, vulnerabilities, risks, and potential attack

vectors to build out a matrix which includes potential impact, costs, and probabilities. The

end result is a strategy to address any pertinent risks.

Our Approach

Our SecureCX Risk Assessment methodology is based upon well-established information

security standards (ISO 27001, NIST 800-53 r4, PCI, and HIPAA) and encompasses reviews

of the following elements:

• Data classification: Determines what data within your Genesys ecosystem is

considered to be sensitive. This may include Personally Identifiable Information (such

as social security numbers, Driver’s License numbers, checking account information,

or credit card information), health records, trade secrets, company financial

information, and customer/client information.

• Data mapping: Maps data flows of the sensitive information (e.g., systems that

store, process, or transmit this information), including communication protocols and

repositories.

• System configuration: Ensures that the systems that house Genesys are secure

(current patch levels, hardened, no default credentials, no unnecessary services

running).

• Review of communication protocols: Ensures that sensitive data in transit is protected

through the use of secure protocols and associated encryption.

• Network architecture: Ensures that network architecture protects your Genesys

installation from unauthorized networks/devices.

• Data repository: Ensures that repositories containing sensitive data are adequately

protected, including data retention processes and encryption.

• Access control: Ensures that access to sensitive data is restricted to a “need to know”

basis, with access rights based on least privilege.

• Logging and monitoring: Ensures that mechanisms are in place to alert you to

anomalous events and to provide forensics information if required.

ABOUT ONLINE BUSINESS SYSTEMSFounded in 1986, Online is a leading North American business and IT solutions provider. We focus on ensuring our clients’ success through our services, which range from strategy to implementation to ongoing support. For more information, visit www.obsglobal.com.

CONTACTSecureCX@obsglobal.com801.201.5185

• Business resumption/disaster recovery review: To the extent

it applies, determines the effectiveness of your DR/BC plan

pertaining to your Genesys installation.

Threat analysis:

Our SecureCX team analyzes the various threats to your organization,

including assets, data, reputation, and people. They consider the

following factors as they pertain to your Genesys environment:

• What are the different types of threats to the organization?

• How vulnerable is the organization to different threats?

• What is the likelihood (and how difficult would it be to perform

the attack) that a threat will be realized?

• What would be the impact if a threat was realized?

• How can the organization reduce the likelihood of a threat

being realized, or how can impact be minimized?

Reporting:

Our SecureCX Risk Assessment presents your results in both an easy

to read executive summary format, as well as a detailed technical

analysis format. The report presents the findings based on our risk-

based prioritized approach. If applicable, a remediation roadmap matrix

will contain a strategic plan to help improve your Genesys CX data

protection, with higher level risks requiring minimal remediation effort

listed first and lower level risks with higher remediation efforts listed

last.

Our SecureCX team meets with your team to review the results of the

SecureCX risk assessment and to develop a strategic plan.

Why Online Business Systems?

As a Genesys services partner, and with service capabilities across the full

suite of Genesys solutions, Online Business Systems has been helping

organizations get the most from their investment in Genesys solutions

since 2005. Our team members have decades of valuable experience

with Genesys and, when combined with our Security consulting

expertise, we are able to provide unique offerings to our clients that go

beyond standard Genesys implementations. We can help ensure that

organizations and their customer information are secure and protected

from threats and vulnerabilities – now and in the future.