Overview
Spoke has implemented "bank-grade" call recording security to ensure that only eligible users are able to play a call recording.
Here is how Spoke's secure call recording works:
- The call is recorded over HTTPS on Twilio.
- Once the call recording (audio file) is generated, Spoke deletes the audio file off Twilio, and moves it to a secured Spoke Phone s3 bucket on AWS.
- Spoke then generates a tokenized URL for [accessing] the call recording.
- The tokenized URL expires after 15 minutes.
- To access the recording, a new token has to be generated, which is automatically done by the Spoke Phone app and Account portals when accessing call recordings from inside the Spoke Phone ecosystem.
- If anyone were to share the call recording URL (inside or outside outside the company), no one can play the call recording unless they generate a new token, which they cannot do without the correct encryption keys and applications.
Customers are also able to move and/or copy the call recording from/off Spoke to their own servers (for storage or further analysis, etc.), and Spoke can automate that as part of the customer's implementation. See more about Spoke Phone's VoIP Phone System Security.
