As the lifeforce of your call center, your customer should always come first—that includes keeping them safe from cybercriminals who are on the hunt for customer data.
It’s easy to get caught up in performance metrics and service levels, but as a call center leader, security should also be at the forefront of your concerns. Call centers are at a higher risk of facing data breaches in the wake of COVID-19. Cybercriminals are aware that many businesses have pivoted to provide either all or most of their services online and via contact centers.
It’s more important than ever that call centers are ready for whatever fraudsters throw their way. We’ve put together a detailed guide to help you get started!
Why call center security is essential.
Call center security can prevent problems like data breaches, keeping your customers’ sensitive information safe, and ensuring your call center’s reputation remains spotless. On top of the ethics of keeping customer data secure, there are many laws that data collection sites must comply with. A couple key regulations include:
- The Payment Card Industry Data Security Standard (PCI-DSS) – requirements developed by global credit card brands that set the standard for the handling of customer credit card numbers and other sensitive data. Financial service call centers aren’t the only ones that need to worry about PCI-DSS. Every call center that uses any kind of credit card information must ensure they’re PCI compliant.
- The Health Insurance Portability and Accountability Act (HIPAA) – rules and regulations developed in 1996 that monitor the way customer health data is used, stored, and shared.
DID YOU KNOW?
Fonolo Voice Call-Backs are highly secure, and trusted by businesses in finance, healthcare, and more. Learn more about our security appliances.
Security threats call centers face.
There are two main types of threats that call center management and IT need to consider for customer data safety:
Although some of these threats are as insidious as they sound (the odd disgruntled employee hoping to make a quick buck from fraudsters), mostly internal threats are a result of call center agent error.
For example, an agent might open a link in a phishing email sent by a cybercriminal to gain access to the agent’s computer. Sometimes, employees may not be paying attention to documents that contain customer data, which have been left out for other eyes to see. Many internal threats are simply accidents and can be avoided with a proper call center security training plan that all employees must take part in and keep up to date with.
If a cybercriminal attempts to infiltrate a call center’s established security measures, they’re considered an external threat. Though there are a multitude of ways cybercriminals can gain access to information, one in particular is becoming increasingly popular in the call center world. Account Takeover (ATO) is an act of identity fraud where a cybercriminal poses as a customer to a call center agent in an effort to gain access to the customer’s personal information.
According to the 2020 Javelin Identity Fraud Study, the number of ATOs that took place in 2019 was up by 72% from the year prior—a staggeringly large jump that shouldn’t be taken lightly.
5 important call center security requirements to protect customer data.
With the increasing threat of ATOs, it’s essential that all call centers implement and maintain strict security requirements to stop cybercriminals in their tracks. Here are 5 things call center agents, management, and IT can do to help keep customer data secure:
1. Start using multi-factor identification.
2-step verification is a practice being used by many apps and websites currently as an added method of account protection for customer security. Basically, the customer enters their account name and password and then an extra security code is sent to a device of their choice (generally email or SMS). The customer then enters this code into the provided area and is logged into their account easily and safely.
When it comes to calls with live agents in the contact center, technology exists that sends an SMS to the mobile number on the caller’s account, which asks them to verify that they are in fact calling. This provides an extra layer of security against cybercrime like ATOs for both agent and customer peace of mind.
2. Encrypt all data, whether resting or in-motion.
Invest in encryption technology to protect customer data from unsavory eyes. In simple terms, data encryption technology rewrites data to be illegible to anyone who doesn’t have the decryption code. When the data needs to be accessed, an employee can access data simply with a password or other code.
3. Control access on a user-by-user basis.
Not every employee in a call center needs access to every piece of information stored in the systems. Cloud technology often allows for the setting of specific user permissions to ensure certain information stays private to individuals who don’t need it.
For example, if a user is set up as a call center agent, they’ll automatically be granted access to different information than someone who has been set up as a manager.
4. Leave less data collection to auditory agent interactions.
One sure-fire way to experience a data breach is through the traditional auditory collection of sensitive information like credit card numbers and social insurance numbers.
Now, you can set your call center up so that whenever a customer needs to share a piece of numerical data, they can easily type the number into their keypad so any outsiders who may be listening don’t have a way to recognize the number being typed.
5. Operate your entire call center on the cloud.
Cloud products tend to be the safest options because cloud providers take strict security measures to protect their customers’ data. Their reputation as a service is on the line, so investment in security is always a top priority of cloud providers.
Fonolo uses cloud technology because it’s the safest and most effective way to serve customers while offering the best customer experience. Transitioning all your technology to cloud services is a great way to tighten up call center security.