Call Accounting Featured Article

Tips for Keeping Customer Information Safe in the Contact Center

March 11, 2019

As consumers become more aware (and more concerned) about who is accessing and storing their personal financial information, more companies are under pressure to keep this information safe, not only from hackers, but from employees who might misuse it. Call centers often feature high turnover, and many historical data breaches are not due to external forces, but from sensitive information collected and misused by employees.

The Payment Card Industry Data Security Standard (PCI (News - Alert) DSS) was designed to protect payment card information in any format in which it exists, including in internal company databases. PCI DSS technology  keeps systems secure, and means customers can trust you with their sensitive payment card information. The PCI DSS continually monitors threats and takes steps to mitigate any new risks that might present themselves. This doesn’t mean that all risks are eliminated, however.

There are steps companies can take in addition to PCI compliance that help keep customers’ data secure.

Restrict access to sensitive information to trusted agents. While we have a modern image of hackers intercepting customer information, the reality is that data theft is usually far more informal and could even involve employees copying credit card numbers off a screen. If you have an open floor plan in the contact center, consider creating a secure area for agents authorized to take credit card numbers to cut down on the number of eyeballs that can see the information on the screen.

Be certain your authentication is robust. Many contact centers today use home-based agents, but they can’t be sure that the person logged into the system is the right person. Family members and roommates should be locked out of call center systems using multi-factor authentication that involves the use of hardware tokens.

Audit your security procedures regularly. Even the best systems can evolve holes over time. Employees can become slack about security procedures, or information can fall into the wrong hands. Ensure you’re conducting regular security audits so you’re not bleeding customer information from places you didn’t expect.

Remember your call recordings and call accounting solutions. Many companies are careful to put security restrictions on live calls and contacts only to forget that sensitive customer information may be contained in recorded calls and screen captures and even in call accounting software. Ensure that any call recording solution you choose features a digitally secured repository so no customer financial information can leak from your quality management solution or call records.

Edited by Maurice Nagle