Malware and antispam protection best practices

Genesys Cloud is a secure cloud environment that includes protection against malware in the services and devices provided by Genesys, as described in the Genesys Cloud security policy. However, customer side computers and devices, including agent and supervisor workstations, are not immune from spam and malware attacks that may be present in email or documents or attached media. Genesys recommends that customer sites plan to take precautions against malware for all Genesys Cloud user workstations and devices. Specifically, Genesys recommends each site implement as many of the following precautions as possible.

Secure workstations and servers

  • Install antimalware and antispam software on every Genesys Cloud user’s device.
  • To secure data on local workstations and servers, implement full disk encryption.
  • Use Data Loss Prevention (DLP) tools to help control, monitor, and prevent sensitive data distribution or loss.

Implement internal email policies

  • Optionally, for inbound emails to Genesys Cloud, route them first through your company mail servers to apply internal corporate filters and policies, then proceed with routing them to Genesys Cloud.
    Note: Please refer to your mail server’s documentation for more information on this process.
  • To prevent users from clicking links in suspicious messages, disable redirects in email.

Train employees on security best practices

  • Provide users with information security practices training on how to recognize and handle potential malware and spam messages.

Genesys Cloud and email

Genesys Cloud processes inbound email through AWS Simple Email Service (SES), which scans messages for malware. If SES detects a virus in an email, or if the virus scan did not complete or is inconclusive, Genesys Cloud immediately disconnects the email and does not send it to a queue. If the SES analysis indicates that the email is spam, Genesys Cloud processes such emails based on the settings you chose when you set up spam routing during ACD email address configuration. If the AWS SES analysis is inconclusive or fails for some reason and does not flag the email as spam, the email message may be routed to a queue and end up with an agent. Since malware and spam continue to evolve, no system can be 100 percent effective in stopping attacks. This possibility is why Genesys recommends the precautions listed here. 

Genesys Cloud documents and chat

Genesys Cloud does not scan files for malware that users upload, download, and transfer via chat. Genesys stores in S3 whatever file a customer uploads, without executing the file. Since chat is a real-time transfer of messages and files between peers, we strongly recommend that you protect each workstation or endpoint using Genesys Cloud products with antimalware software. The Genesys Cloud Documents feature supports many file types, which need to be covered by your antimalware software.