8 Ways to Secure the COVID-19 Remote Contact Center
The COVID-19 pandemic pushed many contact center workers out of centralized offices and into their homes. As the pandemic continues, and perhaps even after, remote work may become standard for many of these agents.
So much about customer service changes in an online-only world, and security needs to be part of that change. Contact center agents access sensitive customer information such as credit card numbers, health data, financial records and more.
Securing Remote Contact Center Agents
With agents in remote locations rather than central offices where only company networks are used, there are additional challenges to keeping customer data safe. Here are eight items to check to help keep both corporate and customer data protected when your organizations’ agents are working remotely.
- Device Management. If agents use their own personal devices instead of company-owned devices, make sure they only use their work accounts to conduct business for the organization. Creating a separate work account will provide the agent with a clean browser experience that doesn’t migrate any personal information or preferences. Tying all organizational information and data to a work account enables agents to use all the necessary work-related tools and keep that information separate from their personal accounts and data. Whether the agent’s device is a personal device or company-owned, all access to the device and to cloud-based services used for work using the device should be logged and protected by the latest online security standards. Laptops or PCs should automatically go to sleep or to a screen saver after a certain time so that unauthorized family members or visitors don’t see the customer’s data if agents walk away from screens.When not in use, devices need to be secured. Hard disc encryption will protect customer and organization data even if devices are stolen. The use of a contact center-as-a-service, or CCaaS, solution can ensure that security and software updates are automatically pushed directly to agents, so they run the latest and most secure versions of that solution no matter where they are.
- Connectivity. Strong passwords and firewalls need to protect home-based internet connections so that no one else, including neighbors, can get on the network. Agents should authenticate to the network so that, even if log-in information is saved, they face an extra step that authenticates the agent is personally accessing the service and that someone else is not using their computer to gain access. While central offices have robust firewalls to protect systems, home routers will be more at risk. Agents need work-approved personal firewalls on their computers.
- Cameras and Microphones. While video chat-based customer support could be less frequent, a physical camera cover will prevent unexpected sharing and avoid video content being recorded in the event of camera hacking. Even if agents use a wired headset with a microphone to speak to customers, laptops have their own microphones for recording and can be listening, by default, to activate a voice assistant in the operating system. Agents should set the headset microphone as the default input device and, if necessary, deactivate the laptop microphone.
- Call recording. If agents need to record calls, the IT department should ensure call recordings can be stored securely and only retained for as long as they’re needed for business purposes. Call recordings and video recordings are personal data and should be handled accordingly.
- Awareness. Whether agents are remote or in a central office, managing any customer’s data that the teams might process, is absolutely critical. Storing this information according to security and compliance requirements, both regional and sector-specific, is key. Encryption is essential, both in transit and at rest. In addition to encrypting a computer’s hard drive, cloud-based storage services provide one of the safest ways to secure company, customer and personal information.
- Monitoring. Companies should manage devices that remote agents use to ensure that password and screen lockout policies are followed; security and other updates occur in a timely manner; and companies can perform forensics and place data under legal hold if needed. Ideally, new policies and ways of doing things should be automated and not be left up to the agent to implement independently, correctly and securely. Companies should be able to remotely control software installed on any device used for customer service work.
- Training. Agents need to be trained to be “human firewalls” when it comes to security. More frequent training sessions will keep security and privacy top of mind. Also, more frequent training creates more opportunities for companies to check in with remote agents and help keep them engaged. Engaged agents will be more alert and potentially more diligent at following security rules.
- Physical space. Remote agents should be in an area of the home that is as private as possible—and private enough to support the business. For some companies, soundproofing equipment and privacy screens may be required. Headsets will reduce the chance of others overhearing information that could be considered sensitive or private to the customer during a customer conversation.
Securing Data, Securing Brand Reputation
Security breaches put consumer data at risk. They also endanger brand reputations. Almost 9 of 10 consumers won’t do business with a company if they have concerns about that company’s security practices, PwC found. Contact center technology that safely enables work-from-home customer service is critical to protect both consumers and companies.
