Author: Dave Holliday, Global IT Director
Major changes over the last few months have led to a dramatic change in strategies. Adopting permanent hybrid working models for employees has left organisations questioning the need to maintain premised hardware and infrastructure. As a result, they’re looking to downsize their footprint in this area and move everything into the Cloud.
The Cloud is offering what could be defined as a silver bullet for reduced costs, agility, scale and flexibility. For new virtual contact centres, these benefits are particularly attractive, especially when introducing agent-assisted online tools such as web chat to add to their customer contact mix.
However, in the wake of migrating to the Cloud, is the security and compliance around data getting enough attention? While 75% of contact centres say data security is no longer a barrier to Cloud migration, where you involve payment and personal data, things get a little more complicated.
As we take the first steps to a different looking future, for many businesses with contact centres, there remain some hurdles to overcome.
Responsibilities are unclear. Cloud providers need to make it quite clear how they will manage your data, what their roles and responsibilities are. You also need to understand where your liabilities and ownership lie otherwise security issues can fall through the gaps and open you up to greater risk.
You are not alone in the cloud. In public Clouds other businesses are sharing the space and this can increase the risk because it’s possible that someone could go beyond their environment and into yours to access your data, through either misconfiguration or poor design.
Some control is lost. Once in the Cloud you’re storing data on someone else’s server. So, you don’t have as much control over it, or the access to it, that you may have on-premise. You rely on your Cloud provider to protect that data for you and they should be ready to provide you with their AOC for your annual audits. Remember however, responsibility of logical access control is not always covered by a Cloud provider.
Data is more attractive. Hackers want data and the increased shift to the Cloud has created more opportunities for them to get their hands on it. Defining the value of your data and knowing who has access to it will help, as will encryption, monitoring, strict identity or access controls and a tested incident response plan.
Existing security controls may not be effective. Cloud-based resources can be complex to configure so it’s best not to assume that the controls you traditionally used will work as well in a Cloud environment.
Biggest threat could still be an insider. The threats from trusted insiders are as serious in the Cloud as they are on-premise. 64% of all reported insider incidents were due to employee or contractor negligence. Robust education and training plus restricted access to critical systems can help.
Keep data out – full stop.
Preventing sensitive personal or payment data from entering your Cloud environment in the first place is certainly the most robust way to ensure payment security. If there’s no data in your environment, it can’t be stolen.
Cloud contact centres are great tools to enable contact centre services. However, they do need to be built and configured properly, with correct access controls added. One simple change to a call flow can suddenly open a floodgate of payment data surging into your organisation. The last thing you want to show in your audit.
Our security specialists - Dave Holliday, Global IT Director and Kevin Vaughan, Head of Information Security – share their expertise and insight in this webinar ‘Your Cloud provider may be compliant but is your payment data secure’. If you missed it, visit YouTube.com / EckohPLC / videos
Eckoh is a global provider of Secure Payment and Customer Engagement solutions via our Eckoh Experience Portal. We’ve an international client base and offices in the UK and US. We're providers in transforming contact centre operations by delivering customer experiences across every channel, boosting agent productivity, reducing operations costs and maximising payment security. We’ve over 20 years’ experience in contact centre technology solutions. Eckoh has been a PCI DSS Level One Service Provider since 2010.
Published: Monday, September 13, 2021
Optymyse - Digital Employee Engagement
Optymyse is a completely new way to empower, engage, motivate and retain your contact centre, call center and helpdesk agents. Optymyse is a unique neuroscience-based approach which takes care of your most valuable asset - your people and is focussed on improving mental health, wellness, wellbeing, motivation, happiness and reducing stress in the workplace.
Co-Browsing is the practice of web-browsing where two or more people are navigating through a website on the internet. Software designed to allow Co-Browsing focuses on providing a smooth experience as two or more users use their devices to browse your website. In other words, your customer can permit the agent to have partial access to his/ her screen in real-time.
I am checking out all the amazing and daily updated content on ContactCenterWorld.com and networking with professionals worldwide
Send To Friends Post On My Wall