System and method for encrypting and recording media for a contact center

The invention claimed is: 1. A method for recording media for a contact center comprising: receiving, by a switch, a telephony call for establishing communication between a first communication device and a second communication device; determining, by a processor coupled to the switch, that media exchanged between the first communication device and the second communication device during the telephony call is to be recorded; bridging, by the processor, a media path between the first communication device and the second communication device; cause replicating, by the processor, of the media exchanged in the media path; encrypting, by the processor, the replicated media via a first cryptographic key for storing the encrypted media in a storage device; encrypting, by the processor, the first cryptographic key via a second cryptographic key for storing the encrypted first cryptographic key in a metadata file for the encrypted media, the metadata file being stored separately from the encrypted media and storing an identifier to the encrypted media, wherein the second cryptographic key is stored as part of a series of keys in an interactive voice response (IVR) profile; re-encrypting, by the processor, the first cryptographic key corresponding to the encrypted media and a plurality of other encrypted media using a third cryptographic key; and retrieving, by the processor, the encrypted media for playback based on the identifier to the encrypted media. 2. The method of claim 1 wherein the first cryptographic key is a symmetric key and the second cryptographic key is a public encryption key. 3. The method of claim 2 , wherein the first cryptographic key is a session key randomly generated by the processor. 4. The method of claim 2 , further comprising: identifying the third cryptographic key; re-encrypting the first cryptographic key via the third cryptographic key; and modifying the metadata file based on the re-encrypted first cryptographic key. 5. The method of claim 1 further comprising: retrieving the encrypted first cryptographic key from the metadata file associated with the encrypted media; decrypting the first cryptographic key based on a decryption key corresponding to the second cryptographic key; decrypting the encrypted media based on the first cryptographic key; and providing an audible rendering of the decrypted media. 6. The method of claim 5 further comprising: receiving a passphrase; and accessing the decryption key based on the passphrase. 7. The method of claim 1 , wherein the determining is based on a request received by the processor to record the media, wherein the request is transmitted by a call controller configured to set up and tear down the media path between the first communication device and the second communication device. 8. The method of claim 7 , wherein the bridging further includes: receiving by the processor from the call controller, first media session information and second media session information corresponding to the telephony call for respectively the first communication device and the second communication device; establishing a first portion of the media path between the processor and the first communication device based on the first media session information; and establishing a second portion of the media path between the processor and the second communication device based on the second media session information. 9. The method of claim 1 , wherein the data storage device is configured to store media recordings for a plurality of contact centers, the data storage device being accessible over a wide area network. 10. The method of claim 9 , wherein each contact center is associated with a different second cryptographic key, the method further comprising: retrieving the second cryptographic key from a profile record stored in association with one of the plurality of contact centers. 11. The method of claim 1 , wherein the encrypted media comprises a plurality of segments, and the metadata comprises data identifying a link between different ones of the segments. 12. A system for recording media for a contact center comprising: a switch configured to receive a plurality of communications for routing to one or more communication devices; a processor coupled to the switch; and a memory coupled to the processor, wherein the memory has stored thereon instructions that, when executed by the processor, cause the processor to: receive, by the switch, a telephony call for establishing communication between a first communication device and a second communication device; determine that media exchanged between the first communication device and the second communication device during the telephony call is to be recorded; bridge a media path between the first communication device and the second communication device; cause replicating of the media exchanged in the media path; encrypt the replicated media via a first cryptographic key for storing the encrypted media in a data storage device; encrypt the first cryptographic key via a second cryptographic key for storing the encrypted first cryptographic key in a metadata file for the encrypted media, the metadata file being stored separately from the encrypted media and storing an identifier to the encrypted media, wherein the second cryptographic key is stored as part of a series of keys in an interactive voice response (IVR) profile; re-encrypt the first cryptographic key corresponding to the encrypted media and a plurality of other encrypted media using a third cryptographic key; and retrieve the encrypted media for playback based on the identifier to the encrypted media. 13. The system of claim 12 wherein the first cryptographic key is a symmetric key and the second cryptographic key is a public encryption key. 14. The system of claim 13 , wherein the first cryptographic key is a session key, wherein the instructions further cause the processor to randomly generate the session key. 15. The system of claim 13 , wherein the instructions further cause the processor to: identify the third cryptographic key; re-encrypt the first cryptographic key via the third cryptographic key; and modify the metadata file based on the re-encrypted first cryptographic key. 16. The system of claim 12 , wherein the instructions further cause the processor to: retrieve the encrypted first cryptographic key from the metadata file associated with the encrypted media; decrypt the first cryptographic key based on a decryption key corresponding to the second cryptographic key; decrypt the encrypted media based on the first cryptographic key; and provide an audible rendering of the decrypted media. 17. The system of claim 16 , wherein the instructions further cause the processor to: receive a passphrase; and access the decryption key based on the passphrase. 18. The system of claim 12 , wherein the instructions that cause the processor to determine that media exchanged is to be recorded is based on receipt of a request to record the media, wherein the request is transmitted by a call controller configured to set up and tear down the media path between the first communication device and the second communication device. 19. The system of claim 18 , wherein the instructions which cause the processor to bridge the media path further cause the processor to: receive from the call controller the first media session information and the second media session information corresponding to the telephony call for respectively the first communic