Security and Authentication

Can I set up additional password policies to further protect our users' credentials?

Yes, you can. Go to Administration > Security > User Authentication then click on Staff Password Policies to set up and enable additional policies, like preventing Staff members from reusing a set number of passwords, setting passwords to expire after a specific number of days, or automatically locking a staff account after a number of failed login attempts.

Is it possible to block specific visitor IP addresses from my end?

Yes, you can. Go to Administration > Security > User Authentication, then click on Visitor Number & IP Blocklist/Allowlist to add IP addresses in your Visitor Blocklist. For more information, please refer to our User Guide.

Is it possible to block visitor phone numbers from my end?

Yes, it is. Go to Administration > Security > User Authentication, then click on Visitor Number & IP Blocklist/Allowlist to add phone numbers in your Visitor Blocklist. For more information, please refer to our User Guide.

Is there a feature that blocks Staff members from logging in to maaiiconnect using untrusted IP addresses?

Yes. maaiiconnect has the Staff IP Login List security feature that limits where staff members can log in to maaiiconnect. Staff Administrators can create a list of trusted IP addresses that staff members can use to log in to maaiiconnect.

Can I control the Caller ID and SMS Sender Address to be used by the agents?

Yes. maaiiconnect has the Staff Number Allowlist security feature, which can limit what phone numbers staff members can use as their Caller IDs or SMS sender addresses.

Does maaiiconnect have authentication security?

Yes, you can enable two-factor authentication (2FA) as an added layer of protection to your account.

Is it required to use two-factor authentication (2FA) on maaiiconnect?

No it's not a requirement. However, we do recommend you turn on 2FA for all your accounts. Staff Administrators can turn on Staff Two-Factor Authentication, which requires all staff members to enable two-factor authentication (2FA) when signing in to their maaiiconnect account. Go to Administration > Security > User Authentication to enable this setting.

Can I archive our data on maaiiconnect to our local server?

Yes, maaiiconnect does support Data Retention, which lets Staff Administrators access, archive and transfer data to a server outside the maaiiconnect system. For more information about this feature, please contact one of our experts:

Is there an audit log/trail on maaiiconnect?

Yes, there is. maaiiconnect has an Audit Log feature that records of all the activities and changes made by staff members to certain features or “elements” inside your maaiiconnect account.

How do I change my maaiiconnect password?

To change your password, go to My Account on the navigation menu, then click on the Edit button. Click on the pencil icon on the rightmost side of the Password section to change your password. You can also reset your password at the maaiiconnect login page by clicking Forgot Password.

I have forgotten my maaiiconnect login email and password. How can I recover it?

To recover your maaiiconnect login credentials, please contact your Staff Administrators.

How can I find my password if I forget or lose it?

You can reset your password at the maaiiconnect login page by clicking Forgot Password.

Does the maaiiconnect Dashboard support keyboard shortcuts?

Yes. To view these keyboard shortcuts, click on the keyboard icon located at the top-right corner of the Dashboard.

What is the security policy for maaiiconnect services?

maaiiconnect has a comprehensive security and authentication policy which covers all aspects of the organisation, internal/external communication, and operating systems. All customers and users of the maaiiconnect service agree to our security policy upon registration and this is a binding and enforceable agreement.

What are the security standards that maaiiconnect maintains in order to protect customer data from unauthorised use, access, disclosure, theft, or manipulation?

maaiiconnect is fully GDPR, ISO 27001 and ISO9001 compliant.

We constantly ensure the highest levels of security standards are implemented and maintained across every aspect of our business. Nothing is more important than the security of our customers. We guarantee the maaiiconnect service is always fully compliant to our security standards.

How does maaiiconnect maintain confidentiality of customer data and contractually commit to these obligations?

maaiiconnect has a strong privacy policy to make sure all data is kept confidential. Just like our security policy, our privacy policy is agreed by all users upon registration and is a binding agreement.

All data is encrypted with a high-security standard (AES-256). 1 -1 video and voice calls are fully secured with end-to-end encryption, except recorded calls. Recorded communication is encrypted and protected with a separate encryption standard.

Instant messages are encrypted and secure with traffic protection, as maaiiconnect uses web socket over TLS/1.3 for secure messaging. All user profiles and messages are secured inside our database, and encryption keys are managed by our Vault.

Which cloud communication platforms are used to host customer data?

Data is stored using a hybrid cloud model. We are using different cloud platforms, and are closely following the best practices from ISO 27018 and NIST 800-144 to make sure all security configurations are correctly implemented.

maaiiconnect owns 3 cloud storage locations, and we also use the public cloud across the globe, which will be extended to over 20 locations in the next few years.

Our cloud service providers are fully compliant with ISO 27018 and GDPR.

How do you control data accessibility?

OpenLDAP is used for the role and permission management, all maaiiconnect API and data access are checked against the Role of the users to ensure their actions are authorised. maaiiconnect also runs independent audit logging to keep track of user footprints and ensure there is no unauthorised access to your data.

How do you protect my data in transit?

All connections are secured by HTTPS (TLS v1.3). On top of this, Expect-CT (Certificate Transparency) is used to protect against man-in-the-middle attacks.

Which firewall does maaiiconnect adopt?

maaiiconnect has adopted all standards of firewall. To ensure calls are working normally, customers need to allow UDP 10000-50000 (DTLS-SRTP) and HTTPS (443/TCP). maaiiconnect also provides an easy way to integrate with corporate firewalls through TURN protocol.

How can I report a security incident? Do you have any official flow and process?

maaiiconnect offers 24/7 support. Incidents can be reported to [email protected], or through the maaiiconnect online support.

In the event of a potential security incident, we can review and analyse firewall logs, audit trails, and real-time system status/monitoring. maaiiconnect also supports CEF logs for integration with SIEM solutions.

What is your backup and recovery policy?

All data is backed up daily with fully compliant encryption standards. maaiiconnect uses multi-location – pairs support. Even if one location is down, your data will still be available from another location instantly.

Does your application use secure encryption protocol and protection for data transmission between our network and your system over the internet?

Yes, our connections are protected with TLS/1.3 encryption, which is the latest and fastest industry standard for communication encryption and protection.

Is your payment gateway compliant with PCI DSS?

Yes. All sensitive credit card data are protected in a dedicated zone according to PCI DSS requirements.

Updated 29 days ago

Security and Authentication

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.