Talkdesk enables customers to store and manage call recordings directly on their own Amazon Web Services (AWS) S3 bucket or Microsoft Azure.
How does it work?
Recordings are transferred directly to the customer’s S3 or Azure bucket for storage. This process happens asynchronously for each recording file.
When accessing a recording through the Talkdesk application or third-party Customer Relationship Management (CRM), Talkdesk will create a signed Uniform Resource Locator (URL) for the recording file.
This solution has been designed to maximize data security when working with Talkdesk. Users must be authenticated in order to play the recording, and customers can directly manage access permissions.
Transfer and Storage
Recording files are transferred directly to the customer’s storage location automatically from Talkdesk, and each file’s date/time is stamped by Talkdesk to adhere to the set Talkdesk retention policy.
Talkdesk receives storage acknowledgment to confirm that the file arrived at its intended destination, but does not access to or store the data within its infrastructure at any point in the process. This happens asynchronously for each recording file, meaning that files are processed individually instead of in batches.
Access Control
By default, Talkdesk authenticates users before they can play recordings. Once authenticated, Talkdesk redirects the user via a time-bounded signed URL to play the recording.
Data Disposal
When a recording file exceeds the defined data retention policy within Talkdesk, it is deleted and becomes inaccessible for playback.
Note: Revoking the delete permissions in the custom storage bucket does not prevent Talkdesk from overwriting recordings. We recommend not removing these delete permissions.
The deletion policy must be set in the Talkdesk account Recording Retention Policy settings.
Amazon-based S3 Custom Storage Solution
Server Access
Talkdesk only accesses the customer’s Amazon Web Services (AWS) resources using temporary security credentials instead of long-term credentials. Talkdesk can provide an AWS policy template that contains the proper permissions to work correctly with our recording service.
Note: Learn how to configure a Custom AWS S3 Storage solution by checking this article.
Azure-based Custom Storage Solution
Server Access
Talkdesk only accesses the customer’s Azure resources using secure credentials provided by the customer.
Note: Learn how to configure a Custom Azure Storage solution by checking this article.
Detailed Process Information
Talkdesk records interactions according to the policies configured in each account. Recordings are made in the Talkdesk cloud, before being immediately transferred to the customer’s chosen storage location (when using the custom storage feature), and are then deleted from the Talkdesk cloud once confirmation has been received that the transfer has been completed successfully.
If a customer switches from a Talkdesk-provided S3 bucket to a different customer-provided (custom) S3 or Azure bucket, this will apply to new recordings being made from that point forward. Existing recordings will not be copied to the new custom storage bucket, but will remain accessible in the Talkdesk bucket for playback purposes. All workflows and logic tied to Talkdesk bucket recordings (access permissions, deletion policy) remain the same in the custom storage bucket, as stated in the customer's Talkdesk account Recording Retention Policy settings.