Here’s a painful truth: Data theft poses a serious risk to not just consumers but to call centers as well. Harmful lawsuits, negative publicity, and a tarnished reputation for the industry as a whole are just a few of the ramifications that can result from large-scale data breaches.
To ensure the safe handling of information and protect customers against identify theft, PCI compliance is a must. For contact centers, this means implementing advanced data security wherever and however sensitive data is being shared or stored.
But how, exactly, do you determine if your customers’ call data is safe? The following is a list of 5 questions to ask yourself right now:
1) Who has access to sensitive data?
“People have always been the weakest link in any security system,” claims a Call Centre Helper article on how to keep call center data safe. “The problem is compounded at call centers because of the very high turnover of staff.”
To safeguard against data theft and mitigate potential disaster, it’s a good idea to evaluate which groups of agents have access to certain information. Information should be compartmentalized so that individual agents only have access to the specific information they need to do their jobs. Role-based log-ins, for example, can limit the number of staff exposed to sensitive data, which ultimately makes sensitive consumer data safer.
2) What security questions are your agents asking customers?
Confirming a telephone caller’s identity prior to proceeding with a call relating to confidential information is also critical. What steps is your call center taking to reassure customers their personal information is being handled properly?
While the specific questions asked by call centers vary across industries, the most common security check involves a three-question verification of the caller: 1) account or reference number, 2) customer’s name, and 3) address or date of birth.
3) What type of infrastructure security do you have in place?
When it comes to protecting cardholder data in the call center, a secure computing environment resistant to breaches and attacks is essential. To make certain that every aspect of the contact center technology is as secure as possible, start with an effective firewall and router, as well as internal processes that provide additional layers of protection. All traffic from unsafe networks and hosts should be restricted, and there should never be any direct access between any network component containing cardholder data and the Internet.
4) Is your customers’ data protected by physical security measures?
In addition to infrastructure, staff, and user security, contact centers should also take physical security measures to restrict access to sensitive customer and payment data. Carl Adkins of Infinity CSS recommends that call centers restrict access to key areas of the building by adopting an RFID card system. Additional security measures may include mantraps and surveillance cameras, as well as security staff with suitable background checks, notes Call Centre Helper.
5) Are you up-to-date on PCI compliance?
Businesses of all sizes must undertake PCI compliance auditing to ensure that their customers’ data is protected during credit or debit card transactions and if stored within any internal business databases. This process is not something to be taken lightly; in fact, PCI compliance requirements are only getting more intense given the evolution of cybercrime.
Make sure you know all the rules. The PCI DSS policies for call centers, which contain all necessary policies, procedures, forms, checklists, templates, and other supporting material, is now available for instant download. A recent CallMiner webinar also discussed changes to PCI compliance, as well as PCI compliance risks and approaches for keeping consumer data secure.
Stories of security breaches, where millions of customers have had their personal information exposed, are all too familiar in today’s digital marketplace. Is your customers’ call data safe? Are you sure?
Ask yourself the above 5 questions to determine the level of security in your contact center. Doing so will increase customer confidence in your business and ensure that you’re not exposed to security breaches that could have been avoided.
Image Credit: ©iStockphoto.com/Sergey Nivens