Data Privacy & Protection
GSX offers robust support for encryption and anonymization as part of its data privacy and protection features:
Encryption
The platform ensures that all data, whether in transit or at rest, is encrypted. Data in transit is protected using TLS 1.2 (and TLS 1.3), while data at rest is secured with AES-256-bit encryption.
Anonymization
The platform provides several mechanisms for anonymizing or obscuring sensitive data:
- It supports redaction of Personally Identifiable Information (PII) in live conversations and generated transcripts using traditional NLP, regex, and LLM-based techniques.
- The system allows for masking of PII.
- It enables muting of recordings and their corresponding transcripts on an utterance-by-utterance basis via its native voice stack.
Data retention policies can be customized at the Private Dedicated Environment (PDE) level, giving customers control over data storage duration. Once the defined data retention period has elapsed, the data can be permanently deleted.
GSX is compliant with a range of data privacy and security regulations, including GDPR, HIPAA, CCPA, PCI DSS, SOX, SHIELD, LGPD, SOC 1, and SOC 2.
Identity & Access Management
User authentication and authorization in the context of OneReach.ai GSX platform ensure secure access to the platform and its resources.
OneReach.ai uses industry-standard authentication mechanisms, such as username and password, to authenticate users. Additionally, it supports Single Sign-On (SSO) integration, allowing users to log in using their existing corporate credentials.
Once a user is authenticated, they are granted access to specific resources based on their assigned roles and permissions. OneReach.ai offers role-based access control (RBAC), which allows administrators to define roles and assign appropriate permissions to each role. This ensures that users have the necessary access rights to perform their tasks while maintaining security and data privacy.
By combining user authentication and authorization, OneReach.ai ensures that only authorized users can access the platform and its features, protecting sensitive data and maintaining the integrity of the system.
Role-Based Access Controls
Since OneReach.ai provides a development platform, many authentication methods are supported, including:
Solution access can be configured in multiple ways based on customer security requirements. In addition, we support a wide range of authentication methods, including ID/password, multiple SSO implementations, PINs/passcodes, biometrics, etc.
OneReach.ai includes built-in, advanced administrative controls for all aspects of the platform. User roles and configurations are managed and governed through intuitive GUIs within the Action Desk module. As an additional layer of access control, each flow can be protected by a unique password in addition to standard role-based assignments.
To support privacy compliance, we ensure that only authorized individuals have access to specific environments based on their roles. Role-based privileges can be defined differently for each customer, allowing for flexible, customer-specific access control.
These are flows that contain credentials to third-party systems. Regular flows that call these systems (e.g., Salesforce) use an authentication step that does not reveal any system-level authentication credentials; those are obfuscated by the Provider Flows, thus preventing unauthorized access to sensitive information.