CXone Mpower security and compliance standards
NiCE TRUST CENTER
Superior security, compliance, reliability, and uptime.
Safeguard your business with an AI platform that’s reliable, secure, and seamlessly scalable.View Demo Request a Quote
Trust By Design
Welcome to the NiCE Trust Center, where we prioritize the safety and integrity of your data and business operations. With CXone Mpower, we understand that trust is the foundation of every successful customer engagement. It's not just about providing exceptional service, it's about ensuring every interaction is built on a secure, private, and reliable platform.27+
Years of Cloud and Contact Center Experience
25000+
Customers Worldwide
85+
Fortune 100 companies trust NiCE
150+
countries where NiCE operates
The world’s best brands trust NiCE to power 15B+ interactions a year
NiCEly done: Securing your trust with every interaction
We demonstrate our commitment through delivering a secure platform that adheres to industry best practices and appropriate standards, no matter the industry or geography.
NiCE AI Code of Ethics
NiCE ensures responsible use of AI in CXone Mpower through the principles highlighted in our AI Code of Ethics, including fairness, reliability, safety, and transparency.View now
Service Level Agreement
NiCE guarantees 99.99% availability, including maintenance for seamless 24/7 operation. With the only MOS SLA in the industry, our voice service is carrier grade, delivering superior service to both agents & customers. View platform SLAs
High Availability Architecture
Global voice and data network designed with redundancy, fault tolerance and zero down-time in mind, including multi-region and availability zone failover, available on AWS or Azure.Download the Whitepaper
CXone Mpower Community Portal
The CXone Mpower Community Portal offers customers access to a robust knowledge base, discussions, and answers to technical questions including security and compliance. Technical support and case monitoring is also available.Login for access
Compliance & Security
Industry compliance and security with robust encryption, advanced threat detection and continuous monitoring to protect your sensitive data around the clock.Audits and Certifications
Monitoring & Event Management
Engineered with resilience and extensive failover capabilities at every layer, CXone Mpower is designed to guarantee consistent and reliable availability of all services.Read more
Compliance and security make up an incredibly critical component of the CX fabric, without them, organizations simply can’t create lasting experiences that differentiate their organization. That’s why we prioritize security in every feature we build on CXone Mpower, while ensuring that our customers are able to achieve their compliance needs, all while delivering iconic customer experiences.
CEO of NiCEDon't just meet your compliance needs. Exceed them.
Our meet-and-exceed approach to audits combined with our 99.99% uptime guarantee results in a contact center that you and your customers can trust with full confidence.
FedRAMP
FedRAMP is a U.S. government program that standardizes security for cloud services. FedRAMP compliance ensures that cloud solutions meet the strict security requirements mandated for handling government data. NiCE CXone Mpower has been providing FedRAMP-authorized cloud contact center solutions for government entities since 2018.Learn more
PCI
The Payment Card Industry Data Security Standard (PCI DSS) assesses the security and data privacy of cardholder data traversing across information systems. NiCE is committed to offering contact center services that adhere to data security controls approved by the PCI DSS Council.Learn more
SOC 2 + HITRUST
The System and Organizational Controls (SOC) 2 Type 2 attestation is designed to measure how well a given service organization conducts and regulates its data and organizational security programs. NiCE has committed to the supplemental Health Information Trust (HITRUST) additional to SOC 2, meaning we offer the assurance to process sensitive protected health information (PHI).Learn more
IRAP
NiCE fully complies with the Information Security Registered Assessors Program (IRAP), an Australian Signals Directorate (ASD) initiative to provide high quality information and communications technology (IST) security assessment services to the Australian government.Learn more
Cyber Essentials Plus
Cyber Essentials is an information assurance protocol operated by the United Kingdom’s National Cyber Security Centre (NCSC) that ensures information risk management. NiCE has received the Cyber Essentials Certificate of Assurance following an independent assessment of its infrastructure and technical controls.Learn more
GDPR
The Global Data Protection Regulation (GDPR) aims to protect all European Union citizens from privacy and data breaches. NiCE prioritizes ensuring all GDPR articles are enforced and audited by offering security features to use our contact center services to better protect data that is most sensitive.Learn more
CCPA
The California Consumers Protection Act (CCPA) was designed to enhance data privacy for residents of California by disclosing customer information. By offering transparency of our privacy policies and CCPA-compliant based processes, NiCE demonstrates the importance of data privacy.Learn more
HIPAA
For covered entities and business associates subject to HIPAA, NICE offers solutions for processing, transmitting, and storing protected health information (“PHI”). Upon request, NiCE will sign a business associate agreement (“BAA”) according to the services NiCE provides our customers.Learn more
Section 508
NiCE supports and fully comply with Section 508 of the Rehabilitation Act of 1973, requiring all federal agencies to make information technology accessible with disabilities. In demonstrating our compliance, NiCE will offer a completed Voluntary Product Accessibility Template (VPAT) upon request.Learn more
TCPA
Congress enacted the Telephone Consumer Protection Act (TCPA) in 1991 to address the growing number of telephone marketing calls being made in the US. Most recently, The FCC introduced the STIR/SHAKEN Protocol, designed to combat robocalls by requiring grading call integrity before it hits the public internet or PSTN. CXone Mpower offers full A-level attestation for calls originating from our platform in order to comply with TCPA.Learn more
Sarbanes-Oxley
Publicly traded under NiCE Ltd. (NASDAQ: NICE), we annually undergo SOX auditing to protect from any accounting errors or fraudulent practices and to improve the accuracy of our corporate disclosures. We fully comply with SOX electronic record rules and security controls to address data storage and processing flows.Learn more
CPNI
NiCE fully complies with the Federal Communications Commission in protecting Customer Proprietary Network Information (CPNI). Information is securely stored and continuously monitored; further, it is our commitment to you that we will not sell, lend or license CPNI data to a third party.Learn more
ISO 27001
NiCE has received external verification that security controls in cloud environments are applied appropriately and continuously improving, ensuring potential threats are quickly identified and mitigated.Learn moreISO 27018
NiCE has received external verification that personally identifiable information (PII) is handled and processed in cloud environments responsibly, transparently, securely, and according to international law.Learn moreISO 9001
NiCE has received external verification for quality management systems (QMS) that meet customer and regulatory requirements while continuously improving their processes.Learn moreISO 27701
NiCE has received external verification that a structured approach to compliance with privacy regulations, such as GDPR, is established, implemented, and maintained.Learn moreTop ranked in customer reviews
Technical Security Architecture
NiCE has state-of-the-art security in place to protect your data, ranging from physical security of datacenters to data encryption.
Securing Information
NiCE secures information at every step in the information life cycle, from creation to deletion. To do this, the platform classifies, processes, stores, and encrypts information according to regulatory requirements.Read more
Security Layers
Several security layers work together to protect your data and the CXone Mpower platform, including physical security, compute and storage practices, network security, monitoring and management, Compliance, and application design.Read more
“CXone Mpower’s disaster capabilities have saved us so many times, from COVID-19 to power lines being cut.”
Susan Campbell, Director of Customer Experience
“The flexibility [of CXone Mpower] helped us stay lean while maintaining service quality, even as day-to-day needs shift with our government partners.”
Steve Hutcheon, Director of Client Services
“211 LA was the lifeline for wildfire survivors-and NiCE was ours. It’s more than a solution; it’s a lifelong partnership”
Gilbert Zavala, Communications Director, 211 LA
Related products
Related resources
