In this article, Chris Knauer, SVP and Chief Security Officer at Sitel Group, explores the potential security gaps that may exist in contact centers and how companies can combat these risks.
Data breaches and cybercriminals are the No. 1 threat to businesses’ IT systems. The average cost of a data breach in 2018 was $3.86 million, and it typically took about 266 days to detect and contain just a small breach. These costs can be crippling to companies who have not built cybersecurity into their operations budgets, and the odds of falling victim to a security breach are too high to ignore – more than 30% of organizations have experienced cyber attacks on their operational technology infrastructure. Investing in the technology to defend IT systems and infrastructure is, therefore, a core component of any business with a digital presence – but many businesses, particularly those who outsource, are unaware of security gaps that may exist in contact centers.
Security Gaps in Contact Centers
Customers’ experience with contact centers is often the deciding factor between a positive or negative experience with a brand. As a result, many businesses rationally prioritize the customer experience (CX) as the core function of their contact centers, striving to make customers’ exchange with the brand as friendly, efficient and seamless as possible. But in an effort to close client tickets in a timely manner some contact centers unknowingly leave themselves exposed to potential data breaches.
Call security is another issue; 72% of agents who collected payment data or other personal information over the phone still require customers to read their information aloud, exposing this sensitive information to agents, quality assurance call recordings and nearby eavesdroppers. Even when agents experience a breach attempt, either by company insiders or outsiders, 42% do not report the situation. The combination of exposure and underreporting creates an ideal environment for cybercriminals with malicious intent.
Transitioning Agents from Security Liabilities to Assets
Technology alone is not enough to handle security threats to businesses – nearly 70% of organizations do not believe the threats they see can be blocked by antivirus software. The most important contact center cybersecurity measure a business can take involves providing adequate training for employees. Properly trained and informed employees are the first line of defense for businesses against information security breaches. Armed with the right information and training, employees can work in sync with digital defense security procedures, closing gaps in company firewalls.
Social engineering is one example of an area in which proper training can mean the difference between a data breach and a secure system. Social engineering is a common tactic criminals use to manipulate contact center agents to release confidential information. The typical goal is to extract passwords or bank information by preying on the trust between customers and brands.
For example, a contact-center agent might receive an email supposedly from a customer, including a link to a webpage with which the "customer" claims to be struggling. A well-trained agent will know how to spot suspicious messages, verify the sender and details and avoid clicking on a link which may invite malicious downloads that infect the entire system. Once infected, the malware can go on to wreak further havoc by using customer data to masquerade as the brand and automatically call or email all the brand’s real customers in order to "verify" financial information and extract data. This corrodes trust between brands and customers, especially when the contact center tasked with managing customer experiences is the culprit.
Training to Know When Something is ‘Phishy’
Another common tactic similar to phishing is vishing. The objective is to try to connect with the contact center agent on an emotional level, with the ultimate goal of taking the agent off-script. Typically, the call script agents use controls the quantity and type of information agents can release. Once derailed by a cybercriminal, the agent may no longer operate within security guidelines and breach exposure is increased. This occurs more often where campaigns focus heavily on net promoter scores in which the agent is rewarded for caller satisfaction. The solution here is also training; agents trained to recognize emotionally charged attempts to take the agent off-script can redirect the conversation to return to the script.
The probability and cost of a security breach, both in terms of dollars and goodwill, means that robust employee training cannot be overlooked as part of a business’s security investment. Contact-center agents who are trained to support a brand’s digital infrastructure – from making sure sensitive information is securely recorded in the first place to recognizing malicious breach attempts – become a priceless asset to a business’s security. IT can support this with advanced AI that uses speech analytics and tracks calls in real-time to notice unusual call patterns. This can alert agents to potential fraud immediately. When agents and IT are in sync, businesses can improve their bottom lines in terms of saved expenses. But more importantly, brands with contact-center agents trained in security best practices can continue building the customer trust and positive experiences that are critical to business success.
We are a global outsourcing provider of customer experience management with 150 offices across 25 countries and more than 75,000 associates speaking 48 languages. Our contact center associates deliver customer experiences every day. We are here to help you with any business process outsourcing needs you might have.
Published: Friday, February 28, 2020
|1.)||Call Center Studio|
Call Center Studio
Call Center Studio is the world’s first call center built on Google and is one of the most secure and stable systems with some of the industry’s best reporting. It is one of the most full-featured enterprise grade systems (with the most calling features, one of the best call distribution, outbound dialing features and integrations—including IVR, AI Speech Recognition, blended inbound/outbound calling and includes Google’s new Dialogflow and Speech API. Call Center Studio is the absolute easiest to use (with a 10 minute setup), and is the price performance leader with lower equipment cost and less setup time.
PH: +1 512-872-7565
CLink for CRM and Call Center Integration
CLink by Comsys is a middleware that connects in real-time the CRM and the contact center applications. CLink enhances the CRM with interaction management capabilities from the contact center that allow agents to work more productively across all communication channels.
Comsys is a provider of οmnichannel customer engagement solutions that assist companies around the world in delivering unique customer experiences. For the last 15 years, Comsys designs and implements complex projects for clients from the outsourcing, financial services, telecommunications, and retail sectors. Comsys enjoys strategic partnerships with technology vendors like Cisco®, Aspect Software®, and Microsoft® for the delivery of innovative interaction management and contact center optimization solutions.
IntraNext Systems develops agent efficiency tools and data security software solutions for medium-to-large contact centers. Our Event Intelligence® Platform solutions include SmartCTI™, iGuard®, and SmartSIP™. SmartSIP is based on our patented SIP layer technology and provides a DTMF masking solution for VoIP environments.
We know how important it is for a business to obtain data from its customers and to manage them effectively, so we help small to large companies by integrating their CRM with the Virtual Switchboard.
This type of integration will simplify the work of your team and improve the management performance of the contact list and its information.
PH: +34 952 667 511
NovelVox CTI Connector
NextGen Cisco Finesse, Genesys & Avaya Embedded CTI Connectors for Salesforce, Microsoft Dynamics, ServiceNow, Zendesk & more.
PH: (+1) 301 202 3672