Good News! Tagove Launches Its Own CRM to Manage Live Chat Conversations & Leads Read More
Security is always a top priority when doing business over the web.Due to the fact that breaches of security can pose major risks to online businesses, Tagove has implemented a multi-tiered approach to securing its services by following core principles:
A multi layer physical infrastructure, network, application and system components
Robust and flexible security solutions to support customer requirements
The main service that Tagove protects is live chat. This includes monitoring visitors on any Web page that has been ‘tagged’ with Tagoves tracking code, as well all chat sessions between your chat agents and visitors.
Data is transferred from the visitor’s browser to Web server using the protocol of the Web page. Meanwhile, the agent console software deployed on your chat agents PCs continiously communicates with the web servers, notifying it of each agents availability to accept chats.When visitors request a chat via a click-to-chat button, the web server forwards the request to the appropriate application server. Part of this is accomplished through firewall applications and 2048bit encryption.
Once the server receives a valid request, it will initiate a parallel request with an appropriate and available chat agent. Both sides will then communicate in a chat session which is peer-to-peer and fully encrypted.
This has the following advantages:
- Visitors do not need to install any software on their PCs as all communication are browser based
- No direct connection between your LAN and your visitors are required
- All sessions are fully encrypted
- Firewall application filter all communication prior to establishing a chat session
Convenience, familiarity and broad availability make the Web the most ideal platform for hosting applications. The Application Service Provider (ASP) and Software as a Service (Saas) models provide maximum flexibility for the broadest swatch of potential customers worldwide.
The challend for all ASP-based services is to build security features directly into the application itself rather than relying on third party systems for protection.
- Restricted redirection. Many Tagove agents need to re-direct customers to other pages of the web domain. Therefore, customers canot be re-directed to a third-party domain. Restricting customers being sent to malicious domains
- IP restrictions. The simplest way to stop unauthorized users from gaining access to your system is to create a predefined list of IP addresses which can be blocked.
User management is a key element to security. User authentication, user permission levels and activity trails are all vital for when it comes to security. Tagove enables customer to define the level of security within the application. This determines the users management features.
Direct users of Tagove are the chat agents and administrators who access the system. Each user is assigned a unique account and specific authorization & permission level, as controlled by the account administrator.
Operators and users authenticate Tagove with a username and password. The password is configurable and can be customised to match your organizations corporate password policy. Authentication is established over HTTPS encrypted protocol and passwords that are subsequently stored in a database that is encrypted.
As an Application Service Provider, Tagove collects information from visitors on behalf of customers. Unless configured otherwise, Tagove logs the visitor’s browsing information (e.g. IP addresses, browser types, referring page).
Tagove can also deply a pre-chat and exit survey which are both optional. If set-up it will prompt visitors to provide information about themselves as configured by the site admin (e.g. name, email, phone).
At the conclusion of the chat, the user will be prompted to complete an exit survey in order to obtain their feedback regarding the experience. This is completley voluntary.
All information handled by Tagove is considered private. Tagove has the ability to support your organizations security and privacy requirements.
All chat transcripts and recordings gathered from Tagove are stored within Tagoves database, unless configured otherwise. Each Tagove customer is assigned with a unique ID, and the access control mechanisms embedded in the application and in the database to prevent unauthorised access. Although it may be stored on a shared database server, the data is logically protected and segregated in a way that ensures online authorised entities will be able to access.
Encryption is the final layer of protection. It is implemented in order to prevent potential attackers who may have gained access to your information from actually using it.
Tagove encrypts all chat transcripts, survey answers and "custom variables".
Tagove uses AES encryption. The AES algorithm is a well-accepted encryption method used by many enterprise companies. The advantage of using a well-known encryption algorithm is that is has been subjected to numerous penetration tests and improvement processes by the community of encryption experts.
Tagove uses a Security Hash Algorithm (SHA2) for all password entries.
Management of the encryption keys is as important as the encryption itself. The key management strategy focuses on secured key generation and storage, utilization of a unique encryption key for each customer, limited and controlled access to stored keys, segregation of duties between encryption and decryption permissions and re-generation of keys in compliance with your security requirements.
Tagoves network, infrastructure and archistecture have multiple protection layers that ensure the highest levels of security and control, which include:
- Network and communication security, including firewalls and access control lists
- Content filtering and validation via firewalls
- Logical security, including access control to all media and systems, server hardening and patch management
- 24/7 network, infrastructure and service monitoring
All communications with the outside world passes through access-list enabled routers. Only HTTP and HTTPS protocols are allowed to into or out of Tagoves service network.
Tagoves security ensures that one customer cannot see anothers data. Customer data is logically protected and segregated in a way that ensures only authorized entities are able to access it. Access goals mechanisms have been implemented to efficitently support this goal.
Tagoves services are hosted in advanced data center operated by a recognized industry leader (OVH). Tagove has selected this vendor based on their proven leadership in hosting services for high-capacity businesses. Our vendor adhere to the highest industry standards of quality, security and reliability. Their commitment enables Tagove to deliver 24-hour service, 365 days a year to our customers.
The OVH datacenters have been awarded the following international standards, providing the highest level of international security.
for providing and operating dedicated cloud computing infrastructures
security management and risk assessment norms and associated processes
for 3 datacentres in France and 1 in Canada, which certifies the security level for OVH Dedicated Cloud
Tagoves datacenter utilize an advanced array of security equipment and procedures to prevent unauthorized access to it’s facilities. The servers are located in a private, restricted cage. All access anywhere, is monitored.
To protect integrity of its systems, most of the security controls within the datacanters are confidential. Some of the visible is monitored and recorded.
- Excellent exterior and interior intrusion and tamper-prevention systems
- Advanced array of closed circuit TV camera and recording systems (CCTV)
- Comprehensive security audits and tests
- Strict security policies
