The security threat landscape for contact centres is rapidly evolving and increasingly unpredictable.
From the front-end, contact centres are seeing a rise in sophisticated fraud techniques targeting agents and customers, like social engineering, Interactive Voice Response (IVR) mining and identity theft. From the back-end, their infrastructure is being bombarded by the relentless increase in cyberattacks, while managing an expanding attack surface caused by the shift to hybrid working.
Once-trusted defences like static rules-based solutions, verification procedures and traditional firewalls are struggling to keep up.
Organisations need a holistic strategy that can keep them protected from every angle.
Securing your back-end
For end-to-end protection, you need to focus on upgrading security across your networks, data and infrastructure:
Start at the edges: many remote working agents and employees now rely on their home broadband to run core applications and use their own devices to access the network. Some may even be using unsupported software or tools. Take back control with an in-depth review of your firewalls, access rights and devices, right down to the furthest edges of your expanded network. Crucially, make sure users can only access the applications and data they need so that in the event of a compromise, an attacker won’t be able to travel across your systems or network. Then, without fail, every time a member of staff leaves, revoke their permissions immediately.
Keep on top of your data: start to build a thorough knowledge of your data ecosystem. With hybrid working and the rise of cloud contact centres, data is now often dispersed across multiple locations and platforms. Not only does this make it harder to know where your critical information is, it also creates blind spots which can increase the possibility of an undetected breach. Without a full picture of your environment, you risk exposing your network and services to more threats and causing greater damage while attempting to solve an issue.
Monitor your cloud: a cloud access security broker is an invaluable resource for getting a clearer view of what’s going on across your cloud environment. It allows you to monitor corporate information, assess security and see who is accessing your network at any given time. The right partner should offer real-time traffic analysis in order to identify any risky user behaviours and rapidly alert you to external attacks via the cloud.
Protecting your front-end
There are also some essential precautions you should be taking to protect your customer-facing services, practices and people:
Adopt contact centre best practice: to identify where process and agent vulnerabilities exist across your contact centre operation, explore opportunities to incorporate data encryption, analyse call drivers and secure call recording. Also make sure to consult legal and compliance expertise across every region that you’re operating in. Failure to comply to regulations can not only result in large fines, but it can also impact your business and its reputation.
Train your agents: all agents should be given proper fraud prevention training and taught cybersecurity best practice to help them understand the extreme lengths criminals will go to. This should make them aware of common tactics and exploits that can easily trick them into revealing confidential information and alert them to potential cyberattacks such as phishing.
Upgrade authentication: regardless of training, agents are only human and will naturally make mistakes. Levelling up your authentication and verification strategies to move away from traditional knowledge-based authentication methods significantly reduces the likelihood of an attacker slipping through the net. For example, multi-factor authentication requires two different methods of verification, and limits the potential damage of stolen credentials like passwords or personal identification being used maliciously. In fact, intelligent solutions like AI-driven voice biometrics can be integrated into interaction channels to passively identify customers and fraudsters using only the unique characteristics of their voice. And if incorporated into the IVR, these solutions can authenticate customers before they even reach an agent.
Consult the experts
We have a strong track record and detailed knowledge of fighting fraud and cybercrime in the contact centre, as well as maintaining secure and reliable infrastructure. Around the clock, our team of over 3,000 dedicated security experts monitor and manage our networks and services to stay one step ahead of attacks.
We also have strategic partnerships with Smartnumbers and Nuance, which means we can integrate their solutions, like state-of-the-art authentication and AI-based behavioural, conversational and voice biometrics, into any contact centre.
Download our whitepaper to start your journey to an end-to-end secure contact centre today.