SOURCE: Varolii


May 20, 2011 09:00 ET

Varolii Continues to Deliver Superior Security Standards With Annual PCI Compliance Certification

Re-Certification Ensures Secure Self-Service Payments Used by Nation's Largest Financial Services, Utilities and Telecommunications Carriers

SEATTLE, WA--(Marketwire - May 20, 2011) - Varolii Corporation, the market and technology leader in proactive outbound communications (business-to-consumer, automated text messaging, interactive voicemail and email communications), has achieved its annual recertification of Level 1 Payment Card Industry Data Security Specification (PCI DSS) compliance. The rigorous third party auditing that supports PCI DSS certification provides evidence that Varolii has the right security policy, processes and controls in place to protect customer credit cardholder data. With a comprehensive five-layered security program, Varolii ensures client data protection while securely delivering more than five billion intelligent, personalized communications to consumers and employees on behalf of healthcare, financial services, utilities, retail, airlines and telecommunications companies.

"As a Software-as-a-Service solution provider, our priority is to ensure the safety of our clients' data and their consumers' personal information," said Will Longman, Chief Security Officer for Varolii Corporation. "Our clients rely on us to uphold the highest levels of security. This annual compliance is an important milestone in validating those levels of protection."

Varolii's security program is formally aligned to the requirements of the ISO 27000 Series standards -- an internationally recognized framework which outlines best practices for a comprehensive information security management program that provides risk management and security controls for all enterprise data, rather than just a particular subset governed by specific regulations. By conforming to the ISO 27000 Series, Varolii ensures compliance with all security standards governed by specific regulations including Service Provider Level 1 PCI and the National Institute for Standards and Technology 800-53 Information Security Standards. Varolii also regularly submits to client audits.

Varolii's five-layer security strategy includes the following:

  • Privacy Protection -- Protection of private information that adheres to privacy regulations, such as Gramm-Leach-Bliley and HIPAA. Varolii also supports the privacy of E.U. citizen data through certification by the U.S. Department of Commerce Safe Harbor Program.
  • Network Security -- Varolii Interact Platform is protected by multiple layered firewalls, two-factor authentication for network access, network and host-based intrusion detection software and automatically updated anti-virus software. Network, hosts and applications also undergo weekly vulnerability scans.
  • Facility Security -- Varolii's outbound communication systems are hosted at multiple carrier-class/TIA-942 Tier III data centers that are geographically dispersed and which undergo annual SAS70 Type II certification of their rigorous security controls. These controls include round the clock security guards, biometric access authentication, extensive video surveillance, and intrusion monitoring.
  • Data Security -- Varolii uses the strongest encryption to protect customer data and communications. The integrity of messages during transmission is protected using industry-standards, 128-bit Secure Socket Layer (SSL) encryption, and all data residing in the Varolii database is protected using the 256-bit Advanced Encryption Standard (AES).
  • Personal Data Security -- Access to consumer data is restricted to a small number of authorized employees who use two-factor authentication over a VPN connection. All employees are subject to a background check, including federal and local criminal records before being hired.

About Varolii Corporation
Varolii is the market and technology leader in smart, automated communications. Its on-demand communication solutions help organizations easily and effectively reach and interact with large numbers of customers and employees, reducing operational costs and improving service. Varolii provides the industry's only cross-channel communications technology, which blends voice, SMS and email into a single conversation and provides recipients with multiple options to take action. At the heart of the on-demand platform is Varolii ID™, which automatically analyzes each recipient's past responses to personalize future communications. With Varolii, organizations can execute true 1-to-1 communication on a large scale, achieving better results from fewer notifications. More than 380 companies trust Varolii to send over four million communications every business day. For more information, visit

Contact Information

  • For more information:
    Jessica Kendall
    Edelman PR
    206-268-2231 (office)
    210-859-6971 (mobile)
    Email Contact