Blog

Is your Client Data at Risk?

0
0

1
0
0

By Mark Atterby

data-securityIn the wake of headline-making attacks and data breaches of Sony Pictures, JP Morgan, Snapchat and others, information security is becoming one of the highest priorities in BPO engagements. Organisations are sensitive about their data and want to know that it’s protected and being handled with care.

The costs to a client can be enormous both in reputation and direct financial impact. Just this month AT&T in North America was fined $25 million by the US Federal Communications Commission, for data security breaches at a call centre the company employed in Mexico to handle Spanish language services.

Employees working for the call centre stole private information belonging to thousands of US customers, including names, full and partial social security numbers, and account-related data. They sold this information to a 3rd party to unlock stolen mobile phones.

This is just one example. According to Gemalto’s Breach Level Index for 2014, 1,500 data breaches led to one billion data records compromised worldwide during 2014. These numbers represent a 49% increase in data breaches and a 78% increase in data records that were either stolen or lost compared to 2013.

Employees working for the call centre stole private information belonging to thousands of US customers, including names, full and partial social security numbers, and account-related data.

It impacts the whole industry

Not only does a major security breach harm the client’s business – it strikes at the very heart of the industry as a whole. Security and how well a BPO provider can demonstrate their commitment to it is increasingly becoming a deal breaker.

Clients need to audit the security procedures of any prospective vendor. If the vendor will be handling information in regards to payments or credit cards then ensure their systems are PCI compliant.

One of the causes of data breaches is from internal employees or former possibly disgruntled employees. Centres with high turnover have a more significant challenge in maintaining control and security.

Not only does a major security breach harm the client’s business – it strikes at the very heart of the industry as a whole.

There are various measures contact centres are deploying to ensure BPO staff do not breach client’s confidentiality and mis-appropriately use their data. Some of these measures include[i]:

  • Creating a paperless environment, preventing employees from writing down and removing information by ensuring that all work processes are done on the computer, without having to record anything on forms or notes.
  • Prohibiting the use of mobile phones and cameras on the floor.
  • Prohibiting paper, pens and digital recording devices from being brought onto the floor.
  • Preventing internet access for employees on the floor.
  • Limiting functionality and access of personal computers or terminals used by call centre agents (for example, disabling USB ports). Companies may also use data loss prevention software to block attempts to download, copy, or transmit sensitive electronic data.

A provider that can’t keep its clients’ customers’ information secure is exposing their client to considerable risk. An organisation can outsource an activity but not its responsibility to the secure handling of private information.

[i] http://www.csoonline.com/article/2122795/physical-security/call-center-security–how-to-protect-employees-and-customers.html
April 28, 2015
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

9 + 4 =