Is your Client Data at Risk?By Mark Atterby In the wake of headline-making attacks and data breaches of Sony Pictures, JP Morgan, Snapchat and others, information security is becoming one of the highest priorities in BPO engagements. Organisations are sensitive about their data and want to know that it’s protected and being handled with care. The costs to a client can be enormous both in reputation and direct financial impact. Just this month AT&T in North America was fined $25 million by the US Federal Communications Commission, for data security breaches at a call centre the company employed in Mexico to handle Spanish language services. Employees working for the call centre stole private information belonging to thousands of US customers, including names, full and partial social security numbers, and account-related data. They sold this information to a 3rd party to unlock stolen mobile phones. This is just one example. According to Gemalto’s Breach Level Index for 2014, 1,500 data breaches led to one billion data records compromised worldwide during 2014. These numbers represent a 49% increase in data breaches and a 78% increase in data records that were either stolen or lost compared to 2013.
Employees working for the call centre stole private information belonging to thousands of US customers, including names, full and partial social security numbers, and account-related data.
Not only does a major security breach harm the client’s business – it strikes at the very heart of the industry as a whole.
- Creating a paperless environment, preventing employees from writing down and removing information by ensuring that all work processes are done on the computer, without having to record anything on forms or notes.
- Prohibiting the use of mobile phones and cameras on the floor.
- Prohibiting paper, pens and digital recording devices from being brought onto the floor.
- Preventing internet access for employees on the floor.
- Limiting functionality and access of personal computers or terminals used by call centre agents (for example, disabling USB ports). Companies may also use data loss prevention software to block attempts to download, copy, or transmit sensitive electronic data.