News Stay informed about the latest enterprise technology news and product updates.

Call centers grappling with data security

Call center security issues are seeing plenty of headlines lately thanks to HP and outsourcing scandals in the U.K. Meanwhile, work-at-home agents are adding a new wrinkle.

Data security in the call center has emerged as front page news on both sides of the pond in the wake of two high-profile cases.

A documentary that aired in the U.K. last week showed an undercover reporter purchasing bank account details and other personal information from a man with ties to an outsourced Indian call center operation. That has renewed outrage in the U.K. where consumers are still upset about a revelation in June in which a reported £230,000 was taken from British bank customers. An employee at a Bangalore, India, call center of HSBC Holdings plc was arrested after an internal investigation in that case.

Meanwhile, criminal charges have been filed at Hewlett-Packard Co. where investigators hired by the company used pretexting to acquire the phone records of reporters in an effort to determine the source of news leaks within its organization. Pretexting is a practice of misleading employees of banks and phone companies into revealing a customer's private records. While much of the publicity has focused on the investigators and the executives at HP who may have known about the practice, it has demonstrated the need for organizations to be wary of safeguarding their customer data.

For more on call center agents
See two call center experts face off on the outsourcing debate

Check out how to build a business case for remote agents

A recent survey in the U.K. found that 50% of organizations aren't doing enough to control the use of customer data, noted Richard Snow, vice president and research director with San Mateo, Calif.-based Ventana Research. Employees are unfamiliar with laws surrounding customer data or they believe that complex nondisclosure agreements are protection enough.

"There isn't a simple answer," Snow said. "Any person -- in a contact center, a work-at-home person or an outsourcer -- if you're going to get them to answer customer calls, you're going to give them data. From a technical point of view you can give them user identity files but we all know that can be broken down. The biggest issue is do you trust those people to use that data."

Snow, who is based in the U.K., has seen firsthand what a data breach in the call center can mean. Companies are now using the fact that they don't outsource customer service calls to India as a major differentiator.

The first solution, Snow said, is better screening, followed by better processes and agent monitoring.

Safe at home?

Work-at-home, or remote, agents, offer a new wrinkle to securing customer data. These agents tend to be more experienced and willing to work for less and, as technology like Voice over Internet Protocol (VoIP) evolves, require only an Internet connection, a phone and software, saving call centers on real estate costs. But no matter how sure a company is that its agents are trustworthy, what if they live in a household with an ex-con? What does their easy access to customer records mean for compliance?

"Agent selection including background screens and criminal background checks is the most critical factor," said Michael DeSalles, industry analyst for the communications practice at Frost & Sullivan.

Work-at-home agents who work from a shared computer present additional risks, because there is a greater threat of downloading a virus or being hacked, he added.

North American outsourcers, who rely most heavily on home-based agents, are the organizations addressing security most carefully. In fact, many have a proprietary screening process and are unwilling to share their methods, DeSalles said. Monitoring becomes a vital factor as well, and while companies save on real estate and benefits with work-at-home agents, they have to make up much of that in infrastructure and security.

"The very best outsourcers monitor the screens that each agent sees," DeSalles said.

Dig Deeper on CRM strategy and implementation

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

It used to be that everyone at a call center used to sit in a room - mostly a basement or conference room or a lunchroom converted for call-center status in non-meal time. Now the folks doing the calls or taking the calls can be anywhere, on any system, with any phone. And that scares people. It a degree. If I'm using insecure tech at my home to do my job, then my company should shut me down and make me work at the office. OR they should provide me with secure technology so I can keep customer data safe. I think in a rush to grab the benefits of an off-site workforce lots of companies didn't fully think about the dangers of putting all that info over systems that weren't under their control. Interesting.