In this blogpost:

In your call center, your customer always comes first and that means you have to make sure you protect them from cybercriminals who are after data.

It’s easy to get caught up in stats,
reports
 and SLAs, but as a call center manager, call center security should really be at the top of your list.

Call centers have a high risk of data breaches, as cybercriminals know all too well that all customer contact is digital these days.

And since we keep a huge amount of sensitive information in call centers, it is every cybercriminal’s wet dream.

Call centers & data breaches: a recap

In 2021, dozens of Dutch elderly people were
scammed
 after cybercriminals stole the personal data of 92,000 thousand people through a call center data breach.

A total of over 35,000 euros was stolen from the victims.

And do you
GGD data leak
 remember?

In the midst of the first corona wave, the Ministry of Health was shy of personnel and scaled up quickly.

Call center agents were able to access and steal the private data of millions of citizens.

In short: if you don’t have your call center security in order, thousands of old people may be scammed and people harassed to the end of days by rogue “family members” who lost their phones.

And so you don’t want that.

It is more important than ever that you have your call center security in order, because you never know what kind of trouble is coming your way.

We’ve created a detailed guide to get you started!

What security threats do call centers face?

There are actually two main types of threats that you as a call center manager and IT department have to take into account:

Internal Threats

Okay, most of these threats are not as insidious as the term makes it sound (leaving aside that disgruntled agent hoping to cash in quickly via fraudsters), but the fact is that data breaches in most cases are the result of human interaction.

For example, an agent may open a link in a phishing email sent by a cybercriminal to gain access to the agent’s computer.

Sometimes agents don’t pay close attention to documents containing customer data that have been left for other eyes.

Many internal threats are just coincidences and can be avoided with a good call center security training plan that all agents should participate in and keep up with.

External Threats

When a cyber criminal tries to infiltrate a call center’s security measures, we are talking about external threats.

There are many ways in which cybercriminals can obtain information, one that is gaining popularity in the call center world.

Account Takeover (ATO) is a part of identity theft where a cybercriminal pretends to be a customer to an agent in order to obtain personal information.

What is a data breach?

A data breach occurs when an unauthorized person gains access to confidential or protected information.

This can happen through unauthorized access to computer systems, stealing documents or hard drives, or intercepting communications.

When is there a data breach?

To determine whether you are facing a data breach, you can ask yourself a few questions:

  1. Is there unauthorized access, use, disclosure, interception or destruction of confidential or personal information?
  2. Is there a loss of control over protected information?
  3. Is there any unauthorized acquisition of personal information that compromises the security, confidentiality or privacy of individuals?

How does a data breach affect your call center?

When your call center falls victim to a data breach, a few things can happen.

The first and most obvious outcome is that your customers’ personal data is stolen by the cybercriminals.

This data can then be used to commit identity theft or other crimes.

Another possible outcome of a data breach is ransomware being installed on your call center’s computer systems.

Ransomware is a type of malware that encrypts all your data and holds a ransom until you pay the cybercriminals.

If this happens, you could lose all your customer data and face significant financial losses.

Your staff may also be at risk if their login credentials are stolen by cybercriminals. This allows them to access sensitive customer data and company information.

Malware can also be installed on your call center’s computer systems, which can steal information or even damage your systems.

What should you do in the event of a data breach in your call center?

Ai, they succeeded after all. Cybercriminals got hold of your login credentials. What should you do when your customer data is on the street?

  1. Immediately report the data breach to your IT department and management.
  2. Assess the damage and determine what information was stolen.
  3. Inform your customers that their information may have been compromised.
  4. Take call center security measures to secure your computer systems and prevent future data breaches.

Call center security: 6 tips

The number of ATOs is increasing at a rapid pace and it is therefore important that you implement a number of safety measures.

Below we give you five things you can do to keep your customer data more secure:

1. Use multi-factor authentication

Two-step verification is being used by an increasing number of apps and websites as additional protection for login credentials.

The customer enters their account name and password and then an additional security code is sent to a device of their choice (usually e-mail or SMS). This code must then be entered when logging in.

For calls to live agents in the contact center, technology exists that sends a text message to the mobile number on the caller’s bill, asking them to verify that they are actually calling.

This provides an extra layer of security against cybercrime such as ATOs for peace of mind for both agent and customer.

Steam-connect can also be equipped with two-factor authentication as standard.

2. Encrypt all your data whether you use it or not

Invest in software that can encrypt your data. This technology rewrites your data into an unreadable piece of text that no one can read without the unlock key.

If you need the data, you can access it with a password.

3. Determine who has access per user

Call center security starts with your permissions.

Not everyone in your call center needs access to all the information. Cloud software often helps you with permissions by user(s) so that information does not come under the eyes of people who have nothing to do with it.

In Steam-connect you also determine which user has which rights. Obviously, a manager sees different data than an agent.

4. Not everything has to be verbal

You have a good chance of a data breach if you let your customers give their bank details and insurance numbers to your agents.

Make sure you set up your call center in such a way that customers have to enter the number on the keyboard when passing on sensitive or numerical data.

You never know who is listening in and this way is also a lot less error-prone.

5. Bring your entire call center to the cloud

Good call center security leans very heavily on software and technology.

The cloud is one of the most secure technologies of the moment, due to all the strict security measures. Data security is also always a top priority for cloud providers.

Steam-connect software operates entirely from the cloud, simply because it is the easiest way to help customers and provide the best experience.

Taking your applications to the cloud is always a good way for call center security.

6. Train your agents

When it comes to call center security, one of the most important aspects is making sure your employees are aware of the dangers and know how to protect themselves and your customers.

Many companies hold security training sessions for their employees, but not all contact centers have the budget for it.

There are a few things you can do to provide some level of training even if you can’t afford a full program.

First, make sure all your employees have at least a basic understanding of cybersecurity. This means teaching them not to open attachments from unknown sources, to be careful what they post on social media, and to use strong passwords.

You can also provide training on how to recognize phishing scams and other types of cybercrime.

Train your agents to be aware of the risks of talking to clients, and remind them not to give out personal or financial information without verification.

It is also important to keep your agents abreast of the latest threats. Have a system in place to provide regular updates on new scams, malware and other attacks that may affect your call center.

By providing some basic training, you can help protect your employees and your customers from cybercrime.

Conclusion: call center security for rookies

Cybercrime is a serious problem, and it is only getting worse. Contact centers are excellent targets for criminals because of the amount of sensitive data they handle.

It is important to take measures to protect your call center from cybercrime. This includes implementing call center security measures such as encryption and two-factor authentication, defining user permissions, and training your agents in recognizing and preventing attacks.

There is also smart software on the market to help you do this.

The cloud is a safe place for your contact center data, and regular updates on new threats help protect your employees and customers.

Knowing more? Then also read the article on security within Steam-connect!