Prerequisites
  • Recording > Encryption key > Edit permission
  • Recording > Encryption key > View permission

Perform the following steps to generate Genesys Cloud managed Key Encryption Keys (KEKs) periodically, or on demand. When you change the key, Genesys Cloud uses new key pairs to encrypt interactions from that point forward.

  1. Click Admin > Quality > Encryption Keys.
  2. Select the Recordings tab. 
  3. From the Key Configuration Type drop down list, select AWS KMS Symmetric.
  4. From the Periodic Key Change list, select how often you want to generate new key pairs. Keys can be rotated daily, weekly, monthly, yearly, or never.
  5. Click Save. New keys are automatically generated and implemented to protect recordings according to the selected interval.

Click the image to enlarge.

Note:
  • Previously encrypted data does not need to be encrypted again. The system remembers previous keys.
  • It is recommended that you use a scheduled key rotation with a short interval.
  • When working with recordings, Genesys Cloud only supports key rotation for Genesys Cloud Managed keys and AWS KMS Symmetric keys. 
  • If you are using a Local Key Manager you should rotate keys in your own system.
  • Use the Change key now option to change keys immediately.