Cookie Preference Centre

Your Privacy
Strictly Necessary Cookies
Performance Cookies
Functional Cookies
Targeting Cookies

Your Privacy

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, your device or used to make the site work as you expect it to. The information does not usually identify you directly, but it can give you a more personalized web experience. You can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, you should know that blocking some types of cookies may impact your experience on the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.

Cookies used

Performance Cookies

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.

Cookies used

Google Analytics

Functional Cookies

These cookies allow the provision of enhance functionality and personalization, such as videos and live chats. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these functionalities may not function properly.

Cookies used




Targeting Cookies

These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.

Cookies used


This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties


Here are some suggested Connections for you! - Log in to start networking.

Sefanaia Silimaibau
Supervisor Quality Assurance & Trainer
Aprialdi Hendryana
Assistant Vice President
Vijay s

Article : Remote Working for Contact Centres - How to Make Sure Security Isn't Compromised

#contactcenterworld, @eckoh

Why contact centres need to retrace their steps urgently

With customer service at stake, contact centres had little time for attention to detail when rushing into remote working. Gaps in processes and policies are being exposed, whether organisations actually realise this or not.

A recent survey has found that 71% of UK contact centres were not fully ready for remote working during the COVID-19 lockdown.[2] Two thirds had to invest in additional hardware, such as laptops, media servers, networking devices and other hardware. Then there were licenses and a bundle of other issues to think about.

But that's not all. In the stampede, it's been easy to overlook major security implications.

This guide will help you retrace your steps and fix critical vulnerabilities. It's time to get out of crisis mode — and into the safe zone.

Contact centres: Remote working means your attack surface has widened

Normally, IT security strategy focuses on narrowing the ways your organisation could be exposed to attack. There's a tight perimeter around your IT — and it's where you ramp up protection.

But now, your 'attack surface' has widened massively. There's the potential for criminals to steal sensitive data by targeting your remote staff.

Criminals now have more targets and potentially more opportunities, simply because the home environment may not be as secure as the contact centre premises.


So how do we start to remedy the risks?

It's essential to focus on the people, processes and technology involved, so we can mitigate dangers.

Let's take a look at each of these...

Your people: How to avoid having any 'soft targets'

Your employees' security awareness and vigilance is critical to your protection and compliance — and should now play a greater role in company culture.

Four top areas where you need to focus

  1. Devices used by your employees

With remote working, the issue of which devices your staff will use comes right to the top of the agenda. However, this poses a multitude of questions that need answering.

Use of personal devices brings a lack of visibility of the operating systems used, the software that is installed, the level of patching that is done and the threat of installed malicious software.

  1. How staff connect to you

A further concern is how your end-users are connecting to your systems and crossing account data from unsecured locations. You need to know:

Are they are connecting from public networks?

Are they using home or shared networks?

What other devices are connected to these source networks?

  1. Email phishing attacks

You’ll already have heard of these and may have identified increases in phishing attacks — some specific to COVID-19.

Phishing emails can be highly effective because they’re targeted and aim to take advantage of a current crisis. They play on human emotions in a pernicious way and instil a sense of urgency. They also demand action so that end users click on a link or open an attachment.

  1. Non-approved cloud services

Are staff using personalised or non-approved cloud services to store company data? Perhaps they’re doing this in the spirit of productivity, but does it expose you to PCI DSS, GDPR or other compliance risks? You need to know:

Which non-approved communication channels are being used by your agents?

Is integrity and confidentiality being compromised?

Have any of the solutions being used been shown up to have fatal weaknesses?

How to mobilise your employees as part of your security response

Communicate with them frequently around cyber security, awareness and risks — and make this part of your ongoing strategy. Make sure staff are aware of the security challenges of home-working, such as the increased likelihood of data leakage and the threats posed by phishing attacks.

Encourage reporting so people tell you about suspicious emails. Many employees may receive the same email — and so someone's early warning could help IT teams to detect and defend against these attacks.

Create a safe environment to report suspected breaches. Recognise that — while we all aim to avoid clicking on a link — lapses will happen and phishing attacks are becoming more sophisticated and convincing. So, ensure people feel safe to report suspected breaches in a blame-free way. That's because clicking on a link and not reporting it could be the worst outcome of all.


Your processes: Where to set your priorities

With remote working, many standard IT procedures need an urgent recalibration.

Asset management

As we shift to more remote working, employees may have been permitted to take assets home and out of the work environment. It’s vital to understand that assets often include data, such as customer information or intellectual property, that you need to protect. Asset management will give you control of your equipment, which has a monetary and security value. Having procedures in place should ensure assets are tracked and returned when needed.


Reinforcing your acceptable use policy

Your use policy should have clear rules about what's allowed when employees use company equipment. State that company equipment should be used only for work purposes (even when in the home environment). Make your users aware of what cloud providers and services they can use — as this will mitigate some risks of data and leakage into those cloud providers you don't know about.

If you don't issue company equipment, encourage your employees to follow good cyber hygiene and safe working practices with their own devices. Advise them to patch regularly and make them aware of the emerging threats that may impact their security.


Remote access procedures

You need multi-factor authentication — it's a 'must'. Also, end users who are connecting on personal devices must provide you with information about their operating systems and whether they have antivirus software. This will give you some level of visibility of connected devices as well as potentially enabling you to prohibit the connection of out-of-date or unsupported devices.


Starter and leaver procedures

An economic downturn will result in some organisations reducing staffing levels. So, validating the ‘leaver’ process becomes crucial to security. You must ensure that departing users don’t have any residual access rights (across your own systems as well as any cloud solutions or other services they have been using). At the same time, refresh your procedures for new starters and movers, so they're up to date with the new security realities of remote working.


Business continuity testing

This is important in challenging times. By working smartly and being open to change when any shortcomings are highlighted, you can help keep security central to the decision-making process. This will enable you to adapt rapidly in a secure and compliant way.


Your technology: Maintaining PCI DSS compliance in a different world

In so many cases, IT leaders have done a phenomenal job, leading their organisations through a storm by provisioning tech and services to maintain essential business services.

Perhaps you've had to re-shape the way your company works to incorporate on-premise and remote operations — and it's saved the day in many ways? Maybe this has underlined the importance of a flexible IT strategy and the need for innovation?

If so, then an obvious move for organisations to consider is the de-scoping of their contact centres (and remote workers) from PCI DSS by teaming with a third-party partner for payments processing. This can significantly reduce the compliance challenges from everyday security threats and major challenges that arise unexpectedly.

The security rationale and business case for keeping sensitive information out of your entire (office and remote) environment through de-scoping has never been stronger.

Aside from this, here are seven actions for organisations to strengthen compliance:

Reach out to your technology vendor, highlighting your changing needs.

Do due diligence when evaluating any IT solutions to make sure that you receive an attestation of compliance — for example, if it’s a PCI DSS compliant solution.

Review the responsibility matrix to make sure that it is going to meet your needs.

Adopt a multifactor authentication approach because there’s a lot of technologies out there that might seamlessly integrate into a wide variety of both VPN endpoints and end user devices.

Consider email filtering. It offers good protection against phishing attacks

Flag external source emails. This can help users to identify malicious emails that pretend to be from colleagues. It can help them understand the risks and identify future suspicious emails and content.

Scan connected devices to identify malicious traffic that’s originating from some of your connected entities. Carrying out log reviews that will help you discover if any suspicious behaviour is occurring such as numerous failed login attempts or attempts to access unauthorised areas.

Using security to give your organisation the edge

A crisis poses challenges but it also provides the opportunity to re-shape and then re-examine your employee policies, business processes and technologies. It’s important that we recognise any shortcomings — so security is kept front-of-mind and becomes embedded in an organisation’s culture. It will make any plans you have more robust and fit for purpose in the future.

#contactcenterworld, @eckoh

About Eckoh:
Company LogoEckoh is a global provider of Secure Payment and Customer Engagement solutions via our Eckoh Experience Portal. We’ve an international client base and offices in the UK and US. We're providers in transforming contact centre operations by delivering customer experiences across every channel, boosting agent productivity, reducing operations costs and maximising payment security. We’ve over 20 years’ experience in contact centre technology solutions. Eckoh has been a PCI DSS Level One Service Provider since 2010.
  Company Blog   Company Facebook   Company Twitter   Company YouTube   Company Profile Page

Today's Tip of the Day - Let Your Agents Do the Talking

Read today's tip or listen to it on podcast.

Published: Wednesday, July 22, 2020

Printer Friendly Version Printer friendly version

2024 Buyers Guide Inbound Call Handling Services

Premium Listing
Call Center Studio

Call Center Studio
Call Center Studio is the world’s first call center built on Google and is one of the most secure and stable systems with some of the industry’s best reporting. It is one of the most full-featured enterprise grade systems (with the most calling features, one of the best call distribution, outbound dialing features and integrations—including IVR, AI Speech Recognition, blended inbound/outbound calling and includes Google’s new Dialogflow and Speech API. Call Center Studio is the absolute easiest to use (with a 10 minute setup), and is the price performance leader with lower equipment cost and less setup time.


Telephone Answering Services
Answer4u offers both SME and corporate sized businesses Telephone Answering Services delivered by our team of professional receptionists. They are all trained to answer your calls, in your company name, whenever you need them most.

All of our client calls are answered in our Nottingham offices, in the heart of England. We have agents working on a 24/7 basis, meaning all calls are answered through the day and night by UK based operatives. No calls are ever outsourced or go to an answering machine.

Each of our clients has their own personal Account Manager, who heads a team of trained receptionists. Our receptionists answer the phone in your company name, explain to your callers that yo...
(read more)

Connect Assist

Contact Centre Services
We’re a specialist Contact Centre business and market leaders helping socially focused organisations deliver quality support to their clients and service users. We do this by providing 24/7 helplines, software solutions and consultancy services.

Since launching in 2006, we’ve operated at the sharp end of customer service, supporting some of society’s most vulnerable people. We’ve pioneered in our space to become a specialist in helplines, whilst using the most advanced communication and database technologies available.

Our social mission has remained a constant throughout, providing many meaningful career prospects and growth opportunities to people within our local communities and fur...
(read more)

Digital Wholesale Solutions

International Inbound (ITFS & DID's) & Int'l Two Way Voice (SIP Trunks)
Digital Wholesale Solutions (formerly Daisy Worldwide) specialise in Global Inbound ITFS and DID Services from 160 countries (covering 7,000+ cities).

We also have International SIP Trunk (66 Countries) – where numbers are presented in a local format.


VADS Inbound Contact Center
VADS Inbound Contact Center Services provide live operators who answer incoming calls as you would yourself. A team of professional script writers is available to help you script a greeting and experience programmers will set up a time and money saving program. Our unique approach to call center services is client-focused, and takes each project’s unique needs into account to our client’s satisfaction. We offer solution as part of our service to keep you in touch with your client and drive sales.

- Customer Service
- Walk In Center
- Service Desk

Technosys IT Management

Customer Support
Technosys IT Management Bpo, the business process Outsourcing, gives end-to-end transformative administrations for its customers over the globe. The organization's coordinated IT and BPO arrangements approach empowers it to open business esteem crosswise over ventures and administration lines, and address business challenges for its customers. Using inventive business perfection structures, progressing profitability changes, process reengineering, mechanization, and front line innovation stages, Technosys IT Management empowers its customers to accomplish their cost diminishment goals, enhance process efficiencies, upgrade viability, and convey unrivaled client encounter


WorkGenda is a state of the art WFO cloud service, used by customers around the world. WorkGenda provides: a) an AI based forecasting engine, which automatically generates forecasts with a WAPE of 3 to 5%, b) a capacity management engine based on a traffic simulator, with perfect support for blending regardless the type of channels, which subsequently automatically converts the computed capacity into optimised shifts, where ‘optimised’ equals to a zero or the mathematically minimum possible overstaffing under the given contractual constrains, c) an automated scheduling engine, capable of scheduling 3000 multi-skilled agents for a whole week in 2 minutes and d) an Intraday bot which automatic...
(read more)



Starting on the hour every hour today

My Role As A CX Champion In My Company

Coming up this Week

About us - in 60 seconds!

Submit Event

Upcoming Events

The 19th EMEA Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...
The 19th Asia Pacific Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...
The 19th World Final Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...

Newsletter Registration

Please check to agree to be placed on the eNewsletter mailing list.

Industry Champion Award Leaderboard

Most active award entrants in the past 48 hours! - Vote for Others / About Program
both ids empty
session userid =
session UserTempID =
session adminlevel =
session blnTempHelpChatShow =
session cookie set = True
session page-view-total = 1
session page-view-total = 1
applicaiton blnAwardsClosed =
session blnCompletedAwardInterestPopup =
session blnCheckNewsletterInterestPopup =
session blnCompletedNewsletterInterestPopup =