Security Settings for Webex Contact Center
Webex Contact Center Security Settings can be configured using this article.
Enable or Disable Privacy Shield for Call
When agents select the Privacy Shield feature, sensitive information can be paused during recordings. Customers’ credit card and social security numbers are protected by this feature. The contact center database continues to record the metadata of calls such as duration, dial number, routing path, and other related information even when call recording has been paused.
Privacy Shield can be enabled or disabled as follows:
- Visit https://admin.webex.com to access the customer organization.
- Access the Settings > Security section under Services > Contact Center.
- The Privacy Shield feature can be enabled or disabled with the toggle button under this section. Privacy Shield is enabled by default, which means that it is enabled by default. The feature can be disabled so that an agent does not have the ability to pause the recording of sensitive information while they are on the phone. Unless the Pause/Resume Enabled feature in the Management Portal (Provisioning > Entry Points/Queues > Queue/Outdial Queue > Advanced Settings) is enabled, you should consider this setting.
Enable or Disable Attachments for Chat and Email
There are a number of file extensions that are supported by the Webex Contact Center:
.html .mhtml .mht .odt .pdf .pdfxml .rtf .shtml .xps .xml .xhtml .txt .eml .msg .ods .dot .dothtml .dotx .dotm .pot .pothtml .ppthtml .pptmhtml .pptxml .potm .potx .pps .ppam .ppsm .ppsx .pptx .pptm .ppt .pub .pubhtml .pubmhtml .xls .xlshtml .xlthtml .xlt .xlsm .xltx .xltm .xlam .xlsb .xlsx
-
The embedding of images into attachments is not supported.
-
The maximum number of files that can be sent and received by you is 10. There must be a maximum file size of 25 MB for the total size of the file. We will drop a few attachments from the email when the file size of the attachments exceeds 25 MB. This will enable the email attachments to remain within the limit and the agent to work on them.
Attachments can be enabled or disabled for chat and e-mail by following these steps:
- Go to https://admin.webex.com/ and log in to the customer organization.
- Click on Services > Contact Center > Settings > Security on the left side of the screen.
- Use the toggle button to enable or disable chat and email attachments in the Chat and Email Attachments section. Having this feature disabled will prevent an agent from sending or receiving attachments via chat or email when this feature is disabled.
This toggle button is enabled by default, so that you can toggle between Chat Attachments and Email Attachments.
Configure Redact and Drop for Chat and Email
For redacting and dropping to work for chat and email, you will need to follow these steps:
- Go to https://admin.webex.com/ and log in to the customer organization.
- The first thing you need to do is navigate to the Services > Contact Center > Settings > Security page.
- You can either choose the Redact or Drop radio button under the Security Settings For Chat and Email section. It is selected by default that Redact should be used.
- Redact: The content of chats and emails should not contain confidential information about users.
There are a number of rules that apply to redact, including the following:
If | `Then |
---|---|
In the subject line, the body, or any attachments to an incoming or outgoing email, sensitive information has been detected. | The specific content of the email body and subject line have been redacted. A sensitive attachment is dropped if it contains sensitive information. Redaction is enforced on the sender's message, resulting in an alert to the sender. |
In a chat message (the body of the messaging or attachments), sensitive information is detected that could be harmful | Prior to being sent across, the content is redacted in order to ensure its privacy. Neither the sender nor the recipient will be able to access anything other than the updated content. A sensitive attachment is dropped if it contains sensitive information. Redaction is enforced on the sender's message, resulting in an alert to the sender. |
- Drop: Protect your confidential information by blocking confidential chats and emails.
In order to use Drop, the following rules must be followed:
If | Then |
---|---|
Incoming or outgoing emails contain sensitive information (in subject lines, body contents, or attachments). | Attachments and emails are deleted. A policy violation results in the delivery failing. The sender is alerted. |
The body or attachment of a Chat message contains sensitive information | Attachments and the message are deleted. Drops are enforced and the sender is notified. |
- The Chat Security Banner can be enabled or disabled by using the toggle button.
There is a security banner message that displays when this option is enabled for a chat. This message states that personal/confidential information should not be shared through chat messages or attachments.
Content Security Policy for Webex Contact Center
It is possible to define a content security policy to specify which domains can be accessed by Webex Contact Center applications based on an allowed list of trusted domains. As a result, browsers are able to enforce content security policy frameworks this allows to be ensured that they are following the rules. Please be sure to visit https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP for more information on Mozilla’s content security policy.
You can add trusted domains to your list of allowed domains by following these steps:
- Go to https://admin.webex.com/ and log in to the customer organization.
- Click on Services > Contact Center > Settings > Security on the left side of the screen.
- Ensure that you have entered the domain of the web resource that you require access to in the Content Security Policy Allowed List section.
- Please click the Add button.
In the Registered Domains list, the domain appears as registered.
-
Click on the x mark next to the domain name in order to remove it from the list. There are certain domains that are marked in gray as mandatory and should not be removed from the list.
-
It is necessary to add this domain to the allowed list of the Content Security Policy if the Agent Desktop is embedding within an iFrame that belongs to another domain in an organization. The Agent Desktop in an iFrame will take 10 minutes to load once you add the domain to the list of allowed domains. The changes can either be viewed by reloading the Agent Desktop or by logging back in again to view them.
Source IP Addresses for Webex Contact Center
In this article, we will tell you which IP addresses you must allow on your firewall to be able to access the sources. It is possible to make network calls through your firewall to the external services hosted on your premises, when Webex Contact Center has been configured with this configuration. There are several uses for this setting, including Flow Designer HTTP nodes or external webhooks, that can be used in the context of this setting.
These IP addresses are for customers who are required to list Webex Contact Center as the source for any contact they make from Webex. A Network Address Translation (NAT) gateway is used in order to translate the network addresses of data center calls into IP addresses for the distribution over the internet through the Network Address Translation (NAT) gateway. Inbound requests to Webex Contact Center go through load balancers and IP addresses are dynamic when they reach data centers. As a result, we do not provide IP addresses of Webex Contact Center as the destination addresses.
Each data center is assigned one of the following IP addresses. There are different source IP addresses depending on the country where you are operating. In the Webex Contact Center article Data Locality, you can find more information about the supported data centers.
Throughout this article, we will talk primarily about Webex Contact Center source IP addresses. There is a page in the Cisco Webex Contact Center Setup and Administration Guide that explains what authentication is necessary for the Agent Desktop and the domains that are required.
Data Center | Source IP Addresses |
---|---|
United States | 44.198.116.6 |
52.2.206.209 | |
34.233.169.210 | |
35.171.39.86 | |
52.71.229.67 | |
18.204.155.101 | |
United Kingdom | 18.133.42.169 |
18.132.81.121 | |
18.170.240.71 | |
Australia | 13.55.204.113 |
52.65.175.133 | |
3.105.244.46 | |
Germany | 3.67.159.214 |
3.65.95.10 | |
3.69.237.238 | |
Canada | 35.182.112.71 |
15.223.110.6 | |
15.223.82.211 |