Stenocall

Features of Our Service

  • Serving Our Customers Since 1954
  • Certified PCI DSS Compliant
  • Secure Credit Card Processing
  • 24 hour, 365 day Operation
  • Backup Emergency Power
  • Bilingual Operators
  • Per-second billing - no rounding up to full minutes
  • 100% On-Site Operators
  • High Security
  • Customized Conversation Flow
  • Web Enabled Call Center
  • Interactive Voice Response
  • Data Entered Into Your Web Site
  • Flexible Data Transfer to You
  • Live Text Chat
  • Live Push-Page
  • Custom Telemarketing
  • Overflow Service
  • After Hours (Part Time) Service
  • Database Management
  • Custom Reporting
  • Real-Time Call Reports
  • M.O.M. Software Compatible
  • Continuous Quality Control

Client Data Security

We value and treat your data like our own, and have numerous safeguards to protect it.

PCI DSS Compliant for Credit Card Security

  • We have been independently certified in nearly 300 separate requirements, specified by the industry, for credit card security. This is the most important single thing to know about Stenocall data security -- so important we have dedicated a separate page to it.
  • Many of the following points are also stipulated by the PCI standards, although in several instance we have gone beyond the PCI requirements.

Physical Access

  • The exterior call center door is always locked, and only selected employees have keys. Anyone else must be “buzzed in” by a receptionist who briefly unlocks the door.
  • We have several dozen security cameras around the call center building, including parking lot, private offices, and the server room, which can be monitored from a building control center and over the Internet.
  • The server room stays locked with a keypad whose code is known only to authorized personnel.

CSR Security Measures

  • All CSR’s are located at our facility (we do not use remote CSR’s) so no customer information is outside our control.
  • To decrease the risk of a caller’s information falling into the wrong hands, operators are unable to play back recorded calls and they are not allowed to have pen, pencil, or paper at their stations. Nor are cell phones allowed in the call center for anyone to potentially transmit sensitive information to a third party.
  • Operators’ access to the Internet is limited to only specified sites.
  • Each workstation is locked down so that operators can open only programs necessary for taking calls; they are unable to browse the network.
  • Each operator and supervisor has a unique user name and password for logging on to the telephone system.
  • User logins (with information about which PC they are using), as well as other significant system events, are logged on the network servers.
  • The properties of a call — for example, call time, duration, operator who answered, operator's station number, any subsequent supervisors or operators to whom the call may have been patched, caller’s number, and so on — can be easily retrieved, as well as a recording of the call.

Data Access Restrictions

  • We store each client’s user data in a separate database.
  • Even after changing the database “master” password, we don’t access the database under it. Instead we use the passwords allocated to various people, with their own set of permissions.
  • Database access is denied by default, and only allowed when we give permissions.
  • When it’s necessary to send sensitive data across public networks such as the Internet, we encrypt it.
  • We only store the user data which is needed for the business purpose, for as long as the client requests, or it is needed for historical checking.
  • User data is not copied to laptops.
  • Any printed user data is shredded when no longer needed.

Data Backup

  • New client/caller transaction data in the databases are backed up every hour to a separate server, with a full backup every night.
  • New data on the servers (outside the client/caller databases) is backed up at least nightly. Depending on how critical and time-sensitive the data, and how often it changes, full server backups are done either nightly or weekly.
  • Backups are rotated to secure off-site storage but not transported or handled by third parties.

Firewall

  • Our firewall sits between our internal network and the Internet. Any packets from incoming connections are “dropped on the floor” unless there is a specific rule to allow them. The ability to add or modify firewall rules is restricted to network administrators.

Anti-Virus

  • We have anti-virus protection at two levels: on our mail server and on each workstation.
  • Our mail server checks for new anti-virus definitions every four hours and scans all incoming and outgoing messages and attachments.
  • Each workstation has anti-virus software installed and updates its definitions once a day before a full system scan runs.

Other Computer, Network, and Database Precautions

  • In our network and database, we don’t use the vendor-default passwords. We have various usernames and passwords for different levels of security, and only a small number of people have the highest level permissions. Those passwords are also designed to be “stronger;” i.e., harder to guess or crack.
  • To inhibit repeated password guessing, a number of systems impose a delay after entering an incorrect password, before allowing another login try.
  • We regularly apply security updates and patches to our servers and workstations.
  • We have unnecessary functions disabled on our servers.

Idea Checklist

  • Order Taking / Order Processing
  • Cross-selling and Up-selling
  • Direct Response Marketing
  • Govt. Assistance Programs
  • Catalog Requests
  • Customer Service
  • Disaster Backup
  • Product Help Line
  • Troubleshooting
  • Pledge Drives
  • Lead Generation
  • Lead Qualification
  • Dealer Locator
  • Phone Card Reloads
  • Warranty Service / Replacement
  • Applicant Screening
  • Hotel Reservations
  • Conference Registration
  • Business Continuity
  • Literature Fulfillment
  • Appointment Scheduling
  • Complaint Line
  • Consumer Information Line
  • Infomercial (DRTV) Response
Stenocall