Security & Compliance
Security features help protect customer data, ensure policy adherence and provide operational auditability.
Authentication
- Primary Login: Username + password validated against Uniconnect Enterprise domain.
- Two-Factor Authentication (2FA): Optional; user enters a one-time code sent to registered phone/SMS channel.
Authorization (Planned RBAC Snapshot)
Roles determine feature exposure (e.g., transfer types, recording control, multi-account switching).
Event & Action Logging
Call control operations (answer, hold, transfer, merge) and authentication events are recorded for audit and performance analytics.
Data Protection
- DTMF masking for sensitive keypad entry (payment IVRs) (config dependent).
- Session timeouts configurable centrally.
- Planned: selective retention windows and export audit.
Compliance Considerations
| Area | Control |
|---|---|
| Access | 2FA, session timeout |
| Data Entry | DTMF masking |
| Integrity | Logged call actions |
| Least Privilege | Role-based feature exposure |
| Traceability | Centralized event logs |
Roadmap
- Fine-grained permission matrix UI
- Redaction of select call notes metadata
- Per-leg recording consent indicators
Some elements are roadmap placeholders pending final spec alignment.