You can provide extra security for your contact center environment in multiple ways. You can link your users' NICE CXone user accounts to your identity provider (IdP) using either OpenID Connect or SAML 2.0 as your authentication protocol. You can also enable multi-factor authentication (MFA) so your users must provide extra identity verification when they log in.

Security per Channel

Communication channels between agents and contacts can involve platforms outside of CXone. Platforms outside NICE CXone may or may not meet the same compliance standards as CXone. You are responsible for making sure your information is being handled appropriately and securely through each outside platform channel you choose to utilize.

When working with a channel provider, remember to address all aspects of information management including encryption “at rest” and “in motion.".


Risk Statement

Voice, Voicemail Voice and voicemail traverse public carrier networks and could potentially be intercepted.


SMS traverses multiple network carriers outside of CXone. FedRAMP authorization doesn't apply to them, since they are network carriers like voice carriers. These carriers may transmit SMS unencrypted, store CPNI phone metadata, and store SMS message data.


Once emails are sent, they are outside of the control of CXone and your organization. Create and follow policies in your organization for proper email contents.

Chat Chat is encrypted end to end. It's under the full control of NICE CXone and is under end-to-end NICE CXone compliance.

Partner Channels

Partner channels include Facebook, Twitter, WhatsApp, YouTube, Telegram, Line, Google Places, Google Play, LinkedIn, Instagram, Apple Apps Review, Apple Business Chat, Social Listening, and WeChat. This statement also applies to work items used to route contacts from partner channels.

For all partner channels, a third party delivers the messages. Depending on the channel, the information might appear on a live website.NICE CXone guarantees compliance within the CXone platform boundary but cannot guarantee compliance of partner channels. It's your responsibility to consult these partners and create internal policy for proper use of each channel.