Page 5 - C:\Users\ray.durham\Videos\113. SE-Security Overview Program\Mag-SecurityFrm\
P. 5
environments. If a customer needs a report
that covers inContact’s PCI level 1 (QSA
certified) environment, we must request the
PCI level report from inContact.
inContact SOC 2 This report covers inContact’s SOC 2 security
controls.
inContact Security Overview Overview of various security measures at
inContact.
4. The NDA Requirement
1. Why is an NDA required?
a. To ensure nonpublic information is treated as Confidential Information and
distribution is restricted to those who need to know to protect this sensitive
information from becoming public.
2. What documents require an NDA?
a. The SOC 2 report, the PCI AoC, and any other reports in SRDS
b. Responses to RFP’s
c. Any diagrams or reports that reveal infrastructure components or discusses
RingCentral’s roadmap
3. What documents don’t require an NDA?
a. Any information already available on our publicly assessible website (i.e., no password
or authentication required)
5. Reminders
1. An NDA is required before the reports are distributed, signed by both parties
2. The reports contain sensitive and confidential information about our product & service
security and availability
3. Only requested reports should be distributed
4. Do not forward security reports to internal team members without approval from the
Security team
5. All requests and documents sent by the SRDS tool are monitored and recorded
6. When in doubt… please ask your SE!
v3.1 | March 27, 2019 Internal Only | RingCentral Confidential 4
