Personalise your experience

Get the latest insights relevant to your sector.

Blog · 09 Mar 2021

4 routes to securing your contact centre now agents are working from home

Organisations need to review and improve their contact centre security to adapt to a more permanent homeworking environment, or risk security breaches.

Natalie Walker
Senior manager, Managed Security Services, BT

When lockdown hit, the first big wave of contact centre activity focused on getting agents connected to the systems and data they need to keep serving customers and, for some organisations, this involved accepting quick workarounds to preserve business continuity.

Security wasn’t always the prime consideration – and that must change if organisations are to keep data secure, stay compliant and keep their customers’ confidence.

Consumers demand security from the contact centre

The latest round of our Autonomous Customer research underlines just how important security is to contact centre users, and how much they expect the organisation to step up and protect their data.

What jumps out at me from the research and reveals the true extent of consumer concern is that 74% worry about security when giving organisations their card details over the phone. Contact centre users feel vulnerable and are ready to welcome technologies that can protect them: 58% like the idea of AI-powered voice identification technology to speed up verification and to reduce the chances of fraud.

Customers expect a secure contact centre, so what should organisations be focusing on to make this a reality in a homeworking environment?

1. Understand the impact of new ways of working

Now your contact centre agents are working from the spare room or the kitchen table, it’s important to think through all the ways this change of environment can affect your security.

As homeworkers, your agents are now using their home broadband to connect to your network and access the core applications they need to do their job. Often, you’ll have no idea what security protocols their ISP has in place, so you can’t rely on them. There’s also a very real danger that the rapid switch to homeworking has left agents struggling at times to deliver for customers. This can lead to agents trying to find workarounds that will help them, from connecting their own devices to your network, to downloading unsupported tools and software.

To tackle this, think about how you can move your security measures to the new edges of your network – the devices your agents are using. I’d also review your firewalls to offer maximum protection to home internet connections. Plus, by making sure agents can only access the applications and data they have permissions for, and revoking these permissions when people leave, you further protect your data.

2. Review where your data is and what it means for compliance

Moving your contact centre to the cloud brings increased distribution and decentralisation of data, making it harder for you to know where your critical information is. Data blind spots can develop easily, bringing the possibility of a data breach that you don’t even know about.

It’s only when you can track information wherever it is in your organisation that you can achieve compliance with key regulations such as GDPR, HIPAA and PCI DSS. It’s essential to be able to identify the customer data you process, where it’s stored, how it’s processed and how it flows across your organisation. And you must be able to protect that data when it is transferred, handled or shared. This is a particular challenge now customers share their personal information with you across a whole range of platforms, from text, phone and email, to webchat and social media. All three regulations have complex requirements, and non-compliance can be very costly to an organisation.

Start with getting a joined-up view of your data, so nothing falls between the cracks, by adopting an omnichannel approach. Then, review how you’re protecting your data. Look for suppliers who have compliance expertise and offer market-leading solutions that include data encryption and secure call recording.

Think about using a cloud access security broker to monitor access to the data you have in the cloud. It’s ideal for monitoring corporate information to assess its security and who is accessing it, as well as for checking whether your agents are using cloud services they shouldn’t be using.

3. Turn on your human firewall

Now your agents are homebased, and your supervisors can’t actively see them following cybersecurity best practice, you are more reliant on their vigilance to keep your contact centre secure. We know cyber criminals often see inexperienced homeworkers as a prime target, so you need to turn on your human firewall by training your agents in good cyber hygiene.

Make sure your agents appreciate the impact that a breach could have and create a culture that makes it easy for people to do the right thing. Support your agents with training so that they’re on the alert for cyber attacks such as phishing, are rigorous about password security and protect access to their devices. Include guidance about cameras and microphones, to avoid camera hacking and accidentally sharing confidential information.

4. Look to the future with AI

Speaking with a live agent remains the most popular way to get in touch with an organisation and our research shows that 50% of consumers say phoning is the best way to get a result. Voice offers a route to increasing the security of your contact centre, through voice biometrics. It’s a powerful fraud prevention tool because it relies on more than what you say (details that could be fraudulently obtained). Instead, it depends on how you say it, and faking that is way beyond the most sophisticated attacker. Voice biometrics also reduce the time taken to identify and verify a customer, lowering the cost of service and improving the customer experience.

If you’d like to explore how to improve security in your contact centre, get in touch to book a free 30 minute workshop with our experts. And, for the latest insight into the customer and agent contact centre experience, download our 2021 Autonomous Customer research.

When lockdown hit, the first big wave of contact centre activity focused on getting agents connected to the systems and data they need to keep serving customers and, for some organisations, this involved accepting quick workarounds to preserve business continuity.

Security wasn’t always the prime consideration – and that must change if organisations are to keep data secure, stay compliant and keep their customers’ confidence.

Consumers demand security from the contact centre

The latest round of our Autonomous Customer research underlines just how important security is to contact centre users, and how much they expect the organisation to step up and protect their data.

What jumps out at me from the research and reveals the true extent of consumer concern is that 74% worry about security when giving organisations their card details over the phone. Contact centre users feel vulnerable and are ready to welcome technologies that can protect them: 58% like the idea of AI-powered voice identification technology to speed up verification and to reduce the chances of fraud.

Customers expect a secure contact centre, so what should organisations be focusing on to make this a reality in a homeworking environment?

1. Understand the impact of new ways of working

Now your contact centre agents are working from the spare room or the kitchen table, it’s important to think through all the ways this change of environment can affect your security.

As homeworkers, your agents are now using their home broadband to connect to your network and access the core applications they need to do their job. Often, you’ll have no idea what security protocols their ISP has in place, so you can’t rely on them. There’s also a very real danger that the rapid switch to homeworking has left agents struggling at times to deliver for customers. This can lead to agents trying to find workarounds that will help them, from connecting their own devices to your network, to downloading unsupported tools and software.

To tackle this, think about how you can move your security measures to the new edges of your network – the devices your agents are using. I’d also review your firewalls to offer maximum protection to home internet connections. Plus, by making sure agents can only access the applications and data they have permissions for, and revoking these permissions when people leave, you further protect your data.

2. Review where your data is and what it means for compliance

Moving your contact centre to the cloud brings increased distribution and decentralisation of data, making it harder for you to know where your critical information is. Data blind spots can develop easily, bringing the possibility of a data breach that you don’t even know about.

It’s only when you can track information wherever it is in your organisation that you can achieve compliance with key regulations such as GDPR, HIPAA and PCI DSS. It’s essential to be able to identify the customer data you process, where it’s stored, how it’s processed and how it flows across your organisation. And you must be able to protect that data when it is transferred, handled or shared. This is a particular challenge now customers share their personal information with you across a whole range of platforms, from text, phone and email, to webchat and social media. All three regulations have complex requirements, and non-compliance can be very costly to an organisation.

Start with getting a joined-up view of your data, so nothing falls between the cracks, by adopting an omnichannel approach. Then, review how you’re protecting your data. Look for suppliers who have compliance expertise and offer market-leading solutions that include data encryption and secure call recording.

Think about using a cloud access security broker to monitor access to the data you have in the cloud. It’s ideal for monitoring corporate information to assess its security and who is accessing it, as well as for checking whether your agents are using cloud services they shouldn’t be using.

3. Turn on your human firewall

Now your agents are homebased, and your supervisors can’t actively see them following cybersecurity best practice, you are more reliant on their vigilance to keep your contact centre secure. We know cyber criminals often see inexperienced homeworkers as a prime target, so you need to turn on your human firewall by training your agents in good cyber hygiene.

Make sure your agents appreciate the impact that a breach could have and create a culture that makes it easy for people to do the right thing. Support your agents with training so that they’re on the alert for cyber attacks such as phishing, are rigorous about password security and protect access to their devices. Include guidance about cameras and microphones, to avoid camera hacking and accidentally sharing confidential information.

4. Look to the future with AI

Speaking with a live agent remains the most popular way to get in touch with an organisation and our research shows that 50% of consumers say phoning is the best way to get a result. Voice offers a route to increasing the security of your contact centre, through voice biometrics. It’s a powerful fraud prevention tool because it relies on more than what you say (details that could be fraudulently obtained). Instead, it depends on how you say it, and faking that is way beyond the most sophisticated attacker. Voice biometrics also reduce the time taken to identify and verify a customer, lowering the cost of service and improving the customer experience.

If you’d like to explore how to improve security in your contact centre, get in touch to book a free 30 minute workshop with our experts. And, for the latest insight into the customer and agent contact centre experience, download our 2021 Autonomous Customer research.

Contact