Compliance + Cybersecurity for Cloud Voice and Text Messaging

Show Notes

Get your copy of Commio's eBook @ http://www.commio.com/compliance-ebook 

Consumers have had it—and we can’t blame them. There were more than 50 billion robocalls in 2022, or ~4 per person per day (note: not all qualify as spam). And, the number of spam texts first surpassed spam calls in 2020, then soared to 225B+ in 2022! (Mid-term election year, surprise?) The FCC has had it, as well, receiving tens of thousands of complaints each year. With STIR/SHAKEN regulations and tracebacks fully implemented for calling, more legislation will follow, and fines are into the hundreds of millions for callers who spam (ye p, the car warranty guys!).

At the same time, carriers have been feverishly implementing their own text messaging rules, reviews, and fees in an attempt to head off FCC involvement. With these efforts still evolving, it’s hard to say how effective they are at curtailing spam—or whether the FCC will step in anyway. 

And then there’s the rest of us. Legitimate businesses who just want to communicate with prospects and customers in a timely manner, plus the providers who want to deliver those messages. Caught in the crosshairs of the FCC, multiple carriers, myriad regulations, and fraudsters who-knows-where, it’s hard to keep up and it just keeps evolving. 

That’s why we’re pleased to provide you with this cybersecurity and compliance eBook, covering both calling and messaging. We’ll tell you what you can and can’t do to get content approved quickly and keep it flowing (and what to do if your calls come up as “Spam” anyway, or your messaging campaigns are rejected). How to protect your business and your communications. And because things keep changing, how to pick an expert provider and where to find some great resources. 

Last but not least, we strongly recommend that you assign a compliance officer within your company (in addition to your chief information security officer or similar). This doesn’t need to be a full-time person, depending on company size, but someone who stays current on the latest requirements and is a stickler for detail, who will review all your communications before they go out. 

We won’t sugarcoat security and compliance in the cloud. It’s complicated. If you do it right, though, it’s worth the effort. So here’s to happy (and compliant) calling and messaging! 

Get your copy of Commio's eBook which contains more than a dozen resources, tips, and how-tos:
http://www.commio.com/compliance-ebook

Learn more about Commio at commio.com.

Transcript

Tim, welcome to the CommioCast. I'm Tim McLain, the Director of Marketing here at Commio. Thanks for tuning in. Here we talk about all things cloud communications, think modern calling and text messaging and more, all in the cloud. Today, we're covering two very important topics, communications, compliance and cyber security, because gone are the days of sending voice or messaging traffic without the need for providers to verify your company as a legitimate sender or file your messaging campaigns with the campaign registry. In reality, it takes a full or part time compliance officer to keep up with the ever changing rules and regulations that are now the norm in cloud communications. Commio's ebook provides you with everything you need to understand what you can and can't do to get content approved quickly and keep it flowing. You can get a copy of our full eBook at commio.com/compliance-ebook - our hosts, Micah and colleague join us from their virtual recording studio at notebook LM to break it all down. Guys take it away. 

All right, so we're diving into cybersecurity and compliance in cloud communications today. Yeah, a lot of information here. Yeah, it looks like FCC regulations, carrier rules, Sam prevention, spam prevention. Yeah, the whole shebang. It really is the whole picture. Yeah, yeah. So we want to make sure our listeners know how to keep their businesses safe and their communication channels flowing smoothly. And it's interesting, you know, think about this topic, because it wasn't that long ago that cloud communications were all about the technology, right? The integrations, customization, you know, the nuts and bolts of it, all the tech side, yeah. And now it's really shifted to security and compliance, well. And it makes sense, like, when you think about it, like, How many times have we gotten those scam likely calls? Oh, I know it's a nightmare for individuals, businesses, for businesses, for everybody. Yeah, good time. So, and I know, like the FCC has taken a lot of action. They have to try to prevent that with stir shaken. Okay, so stir shaking. Can you break that down for us? Yeah. So it's supposed to combat spoofing by verifying caller ID, okay? Essentially, it assigns a certificate to a call to verify where it came from, gotcha, so that scammers can't pretend to be a legitimate business, so like a digital fingerprint, yeah, exactly like that. Okay. But the thing is, it's not a perfect system, really, businesses following all the rules can still get flagged as spam. So even if I'm doing everything right, I can still end up in that spam folder. Yeah. And even worse, you have to pay the same companies that flag you to get unflagged. Wow. Talk about a conflict of interest. Really makes you think, huh? So what can businesses do to, like, avoid being flagged as spam. Well, you got to remember to think about it from the customer's point of view, right? Like, if you call someone five times in a row at dinner time, even if it's technically allowed, it's just annoying, right, right? Even small things can trip those spam filters. Oh, really. Like using one phone number for all your outbound calls, huh? That can look suspicious, can Yeah, the analytics engines might think it's a mass dialing operation. Oh, okay, so you want your communication to feel natural and personalized like a real person. Exactly. Okay. So what about text messaging? Oh, text messaging, because it feels like every business is using that now, yeah, it's an incredibly powerful tool, but it has its own challenges. I bet we're talking short codes, long codes, toll free numbers, each with their own rules. Okay, so break those down for me, like, what's the difference between those different types of messaging? So short codes, those are those five or six digit numbers, right? Like for voting on a show or something? Yeah, exactly. Okay. They're great for high volume messaging, right? But they can be expensive and require a long approval process. Gotcha. So then long codes are just regular phone numbers, right? Tim, DLC, they're becoming really popular for businesses. They're more affordable and flexible. So what's the catch? Registration can be a nightmare, really. The source material actually called it a wild west. Oh, wow, yeah, lots of moving parts. I bet different requirements for each carrier. It's a real challenge, yeah, but if you get it right, it's worth it, because texts have like, a 98% open rate that's right, way higher than email. That's incredible. It is. So even though it's complicated, it's worth it to find a messaging partner who can help you. Okay, so choosing the right messaging partner is crucial. Absolutely. You need someone who's not just keeping up with the rules, right, but who's actually ahead of the curve, okay, someone who shares your values, gotcha, is transparent about their processes, makes sense, and is proactive about fraud prevention. Okay, so like, how do I know if they're being proactive? Well, do they have strong monitoring systems? Okay? Are they always updated?

Their security, right? You know, like, are they really trying to stay ahead of the bad guys? So it's like choosing a security system. You don't want something outdated, right? You want the best, latest technology, and you want a partner who will educate you, make sure they give you good guidance on how to do things, right? So it's not just about the tech, it's about having a good partner, exactly. Okay. So beyond that, what else can businesses do to stay safe? Well, remember, cybersecurity is everyone's responsibility, right, not just the IT people. Yeah, everyone needs to be smart about it, yeah, okay, so like strong passwords, multi factor authentication, yep, all those basic things from cybersecurity, 101, right? The simple stuff, it's easy to overlook, but it's so important, because criminals are always looking for the easiest way in exactly they go for the weakest link, and often that's a person, Oh, wow. So we need to understand why they do what they do. Oh, it's like understanding their psychology, yeah. Like, if we can figure out their motives, we can stop them, right? That makes sense. And the FCC is really cracking down on providers these days. Oh, really, yeah, they're making them more responsible for what happens on their networks. Okay, so businesses need to be careful who they choose as a provider, so do your research Exactly. Make sure they're doing everything they can to prevent fraud, because I was actually surprised to learn that the FCC can demand that providers respond to trace back requests for illegal calls within 24 hours. Yeah, they're not messing around. Wow. So it's not just about businesses taking responsibility. It's about the provider stepping up too. It's about everyone working together. Okay, so VoIP is a big thing now, huge, and I know that's a target for fraudsters big time. It's called toll fraud. Toll fraud, yeah, they exploit vulnerabilities in VoIP systems to make expensive calls on your dime, exactly. But there are things you can do to protect yourself, strong passwords, secure networks, being proactive about threats. Okay? And for VoIP specifically limit call destinations and set up alerts for weird activity. So like, if there's a bunch of calls to like, I don't know Uzbekistan exactly, that's probably suspicious. Yeah, yeah. So be vigilant. Don't wait until something bad happens. Be proactive exactly, and choose your VoIP provider carefully, just like your messaging partner, okay, make sure they're serious about security. Makes sense. It's a wild world out there. It really is. But with the right knowledge and partners, we can stay safe. I hope so me too. We got to. We do. So it seems like every time there's some new technology, you know, oh yeah, there are always fraudsters trying to exploit it. Absolutely it's like a game of cat and mouse. It really is, and that's why you always have to be learning, right, adapting, because what worked yesterday might not work tomorrow. So what are some of the like, big takeaways from what we've talked about so far? Hmm, well, I think the biggest thing is that cybersecurity and compliance are not just, like, one time things okay, they're constantly changing. So you can't just, like, set it and forget it. Nope. You gotta stay informed. Stay vigilant. Don't get complacent. Exactly. Complacency is the enemy, right?

And the second thing is that responsible communication is key. Okay? That means dialing, ethically, sending compliant texts, all of it, and always thinking about the customers. Absolutely, you want your messages to be welcomed, not annoying, right? The third takeaway is that strong cyber security is everyone's job, right, not just the IT department. Everyone needs to be involved and then individuals, right? Absolutely, we can all do our part by practicing good cyber hygiene. So, like, what does that mean? Like, what can people do? Well, simple things like having strong passwords, okay, being careful about suspicious emails and links. Don't click on everything exactly think before you click make sense. And finally, finding the right partners is so important, right? Like we were talking about with messaging and VoIP providers, exactly you want partners who prioritize security and compliance and are willing to work with you, collaborate? Yeah. Okay, so it's not just about following rules, no. It's about building a culture of security, understanding the threats and being proactive, right, not just waiting for something bad to happen, exactly. So you're not alone in this, Nope, not at all. And remember, cybersecurity is team effort, it really is. So build that culture of security in your business, empower your employees, make it everyone's responsibility. Exactly. That's how you create the strongest security, right? Working together exactly. Well, I think that about wraps things up for this deep dive, yeah, we covered a lot from stir shaken to building a security conscious culture. It's been quite a journey. It has but hopefully our listeners feel empowered now to take control of their cybersecurity and to keep your communications safe. So stay curious, stay informed and stay ahead of the curve.

Building amazing experiences that engage and delight your customers is easy with Commio. Our smart, reliable voice and messaging solutions are easy to implement and scale with you, so you can deliver more calls and texts, be more competitive and save money. With comio, you get peace of mind and happier customers. Find out why 1000s of software platforms and enterprises trust como with their communications. Get a demo today at commio.com.