Welcome to the NiCE Trust Center, where we prioritize the safety and integrity of your data and business operations. With CXone Mpower, we understand that trust is the foundation of every successful customer engagement. It's not just about providing exceptional service, it's about ensuring every interaction is built on a secure, private, and reliable platform.
NiCEly done: Securing your trust with every interaction
We demonstrate our commitment through delivering a secure platform that adheres to industry best practices and appropriate standards, no matter the industry or geography.
Don't just meet your compliance needs. Exceed them.
Our meet-and-exceed approach to audits combined with our 99.99% uptime guarantee results in a contact center that you and your customers can trust with full confidence.
Top ranked in customer reviews
Technical Security Architecture
NiCE has state-of-the-art security in place to protect your data, ranging from physical security of datacenters to data encryption.
“CXone Mpower’s disaster capabilities have saved us so many times, from COVID-19 to power lines being cut.”
“The flexibility [of CXone Mpower] helped us stay lean while maintaining service quality, even as day-to-day needs shift with our government partners.”
Let us show you how NiCE can unify, automate and elevate your entire customer experience - with AI at the core and outcomes at the forefront.Watch the demo Explore the platform
Compliance and security make up an incredibly critical component of the CX fabric, without them, organizations simply can’t create lasting experiences that differentiate their organization. That’s why we prioritize security in every feature we build on CXone Mpower, while ensuring that our customers are able to achieve their compliance needs, all while delivering iconic customer experiences.
CEO of NiCE
The world’s best brands trust NiCE to power 15B+ interactions a year
Scott Russell
Stringent security requirements have evolved within the cloud services space. Within CCaaS, some industry standard requirements include PCI-DSS, ISO 27001, SOC 2+HITRUST, IRAP, and FedRAMP conducted by certified auditors at regular intervals.
NiCE maintains security governance and regulatory compliance through our established Trust Office. Moderate audits conducted by certified auditors are performed at regular intervals.
The NiCE Trust Office is an organization of cloud security experts, tools and processes that drives security across CXone Mpower through a meet-and-exceed approach to audits.
CXone Mpower secures information at every step in the information life cycle, from creation to deletion. This process includes classifying information, processing, storage, and encryption of the information according to regulatory requirements.
The Business Continuity service is a built-in feature of CXone Mpower that ensures continued operations during regional outages or system failures. It uses a secondary, geographically separate environment—called a Business Continuity Tenant—maintained in a warm-standby state, ready to take over if the Primary Tenant becomes unavailable.
Because the Business Continuity Tenant is maintained in a warm-standby state, it can be activated within minutes, minimizing downtime and service disruption.
NiCE ensures agentic AI can safely execute complex functions while maintaining compliance with proper guardrails, role permissions and human oversight.
NiCE agentic AI is built with enterprise-grade security and governance such as audit trails and logging, configurable approval workflows, continuous monitoring for anomalies or breaches, and integrations with identity and access management systems.
NiCE AI Code of Ethics
NiCE ensures responsible use of AI in CXone Mpower through the principles highlighted in our AI Code of Ethics, including fairness, reliability, safety, and transparency.
NiCE guarantees 99.99% availability, including maintenance for seamless 24/7 operation. With the only MOS SLA in the industry, our voice service is carrier grade, delivering superior service to both agents & customers.
Global voice and data network designed with redundancy, fault tolerance and zero down-time in mind, including multi-region and availability zone failover, available on AWS or Azure.
The CXone Mpower Community Portal offers customers access to a robust knowledge base, discussions, and answers to technical questions including security and compliance. Technical support and case monitoring is also available.
Industry compliance and security with robust encryption, advanced threat detection and continuous monitoring to protect your sensitive data around the clock.
Engineered with resilience and extensive failover capabilities at every layer, CXone Mpower is designed to guarantee consistent and reliable availability of all services.
FedRAMP is a U.S. government program that standardizes security for cloud services. FedRAMP compliance ensures that cloud solutions meet the strict security requirements mandated for handling government data. NiCE CXone Mpower has been providing FedRAMP-authorized cloud contact center solutions for government entities since 2018.
The Payment Card Industry Data Security Standard (PCI DSS) assesses the security and data privacy of cardholder data traversing across information systems. NiCE is committed to offering contact center services that adhere to data security controls approved by the PCI DSS Council.
The System and Organizational Controls (SOC) 2 Type 2 attestation is designed to measure how well a given service organization conducts and regulates its data and organizational security programs. NiCE has committed to the supplemental Health Information Trust (HITRUST) additional to SOC 2, meaning we offer the assurance to process sensitive protected health information (PHI).
NiCE fully complies with the Information Security Registered Assessors Program (IRAP), an Australian Signals Directorate (ASD) initiative to provide high quality information and communications technology (IST) security assessment services to the Australian government.
Cyber Essentials is an information assurance protocol operated by the United Kingdom’s National Cyber Security Centre (NCSC) that ensures information risk management. NiCE has received the Cyber Essentials Certificate of Assurance following an independent assessment of its infrastructure and technical controls.
The Global Data Protection Regulation (GDPR) aims to protect all European Union citizens from privacy and data breaches. NiCE prioritizes ensuring all GDPR articles are enforced and audited by offering security features to use our contact center services to better protect data that is most sensitive.
The California Consumers Protection Act (CCPA) was designed to enhance data privacy for residents of California by disclosing customer information. By offering transparency of our privacy policies and CCPA-compliant based processes, NiCE demonstrates the importance of data privacy.
For covered entities and business associates subject to HIPAA, NICE offers solutions for processing, transmitting, and storing protected health information (“PHI”). Upon request, NiCE will sign a business associate agreement (“BAA”) according to the services NiCE provides our customers.
NiCE supports and fully comply with Section 508 of the Rehabilitation Act of 1973, requiring all federal agencies to make information technology accessible with disabilities. In demonstrating our compliance, NiCE will offer a completed Voluntary Product Accessibility Template (VPAT) upon request.
Congress enacted the Telephone Consumer Protection Act (TCPA) in 1991 to address the growing number of telephone marketing calls being made in the US. Most recently, The FCC introduced the STIR/SHAKEN Protocol, designed to combat robocalls by requiring grading call integrity before it hits the public internet or PSTN. CXone Mpower offers full A-level attestation for calls originating from our platform in order to comply with TCPA.
Publicly traded under NiCE Ltd. (NASDAQ: NICE), we annually undergo SOX auditing to protect from any accounting errors or fraudulent practices and to improve the accuracy of our corporate disclosures. We fully comply with SOX electronic record rules and security controls to address data storage and processing flows.
NiCE fully complies with the Federal Communications Commission in protecting Customer Proprietary Network Information (CPNI). Information is securely stored and continuously monitored; further, it is our commitment to you that we will not sell, lend or license CPNI data to a third party.
NiCE has received external verification that security controls in cloud environments are applied appropriately and continuously improving, ensuring potential threats are quickly identified and mitigated.
NiCE has received external verification that personally identifiable information (PII) is handled and processed in cloud environments responsibly, transparently, securely, and according to international law.
NiCE has received external verification for quality management systems (QMS) that meet customer and regulatory requirements while continuously improving their processes.
NiCE has received external verification that a structured approach to compliance with privacy regulations, such as GDPR, is established, implemented, and maintained.
NiCE secures information at every step in the information life cycle, from creation to deletion. To do this, the platform classifies, processes, stores, and encrypts information according to regulatory requirements.
Several security layers work together to protect your data and the CXone Mpower platform, including physical security, compute and storage practices, network security, monitoring and management, Compliance, and application design.
