{"id":17439,"date":"2021-03-26T07:18:27","date_gmt":"2021-03-26T07:18:27","guid":{"rendered":"\/gb\/en\/blog\/?p=17439"},"modified":"2023-01-16T17:25:57","modified_gmt":"2023-01-16T17:25:57","slug":"cybersafety-for-the-remote-revolution-keeping-call-centre-workers-cybersafe","status":"publish","type":"post","link":"\/gb\/en\/blog\/cybersafety-for-the-remote-revolution-keeping-call-centre-workers-cybersafe\/","title":{"rendered":"Cybersafety for the Remote Revolution – Keeping Call Centre Workers Cybersafe"},"content":{"rendered":"

Experts project the permanent remote workforce to grow from<\/span> 16.4 per cent in 2020 to 34.4 per cent in 2021<\/span><\/a>. With more personnel decentralisation, companies will face more cybersecurity challenges.<\/span><\/p>\n

Remote call centres will particularly be highly vulnerable due to the type and amount of data they handle. Therefore, IT must heighten security protocols and ensure that teams observe the best practices to<\/span> address cybersecurity threats<\/span><\/a>.<\/span><\/p>\n

Let’s discuss why your remote call centre<\/a> is a hot target for fraudsters and how you can enhance cybersafety in the department.<\/span><\/p>\n

Data Security Risks in Call Centres<\/b><\/h2>\n

Intruders attack organisations through the easiest loopholes, irrespective of the department. However, call centres have certain aspects that increase their risk to internal and external threats. Let’s see why they are a magnet for data thieves.<\/span><\/p>\n

Sensitive Customer Data<\/b><\/h3>\n

Call centres handle sensitive customer data, something that fraudsters work day and night to find. At the least, call agents have direct access to personally identifiable information (PII), used to verify customer identities. This can include credit card numbers, bank details, SSNs, healthcare records, email addresses, passwords, dates of birth (DoB), and more.<\/span><\/p>\n

Masters of social engineering often contact unsuspecting call centre representatives and lure them into exposing such information. If successful, they exploit it to commit fraudulent activities, like illegally transferring funds from bank accounts.<\/span><\/p>\n

Identity theft and fraud cases have been rising steadily over the past few years.\u00a0 According to data by the Federal Trade Commission (FTC), <\/span>complaints shot from 2.9 million in 2017<\/span><\/a> to just over 3.2 million in 2019.<\/span><\/p>\n

Of the 1.7 million fraud-related cases in 2019, 23 percent of the complainants reported having lost money. Consumers lost at least $1.9 billion to fraud.<\/span><\/p>\n

\"preyproject<\/p>\n

Entry-Level Employees<\/b><\/h3>\n

Some companies hire entry-level call centre representatives who demand relatively low wages. While this is a viable cost-cutting measure, it introduces other risks in call centres.<\/span><\/p>\n

First off, some people take entry-level contracts only to gain experience, after which they look for greener pastures elsewhere. They don’t approach their jobs passionately since they aren’t long-term careers. Such workers don’t have much employer loyalty.<\/span><\/p>\n

Second, a low-income worker might lack the motivation to work diligently. If they are struggling financially, a little incentive from external agents can have them selling customer information. Considering all the<\/span> work involved in call centres<\/span><\/a>, unmotivated agents can even misuse the data for personal gain.<\/span><\/p>\n

Does that sound like your call centre? Your organisation and clients might be in trouble. You have a team of insiders who can assist intruders in harming your organisation without a second thought.<\/span><\/p>\n

The Impact of Insider Threats<\/b><\/h3>\n

A <\/span>study by The Ponemon Institute<\/span><\/a> indicates that insider threats are on the rise. Since 2018, cybersecurity incidents due to rogue insiders increased by a staggering 47 per cent. The cost of the said threats increased by 31 per cent over the period.<\/span><\/p>\n

If you thought that all insider-caused breaches are intentional, you are wrong. Data shows that most of the incidents occur due to mistakes by negligent employees and contractors.<\/span><\/p>\n

While organisations lose a lot of money in dealing with negligent insider cases, the cost per incident is relatively low. The amount per breach involving insider criminals and credential thieves is two to three times.<\/span><\/p>\n

High Attrition in Call Centres<\/b><\/h3>\n

Most workplace crimes by employees happen when they are about to quit or after leaving. The reason is simple \u2013 it’s hard to implicate an outsider for a crime that occurs inside your company. For this reason, organisations with a high turnover of employees who handle sensitive data face the risk of serious data breaches.<\/span><\/p>\n

Sadly, attrition has been increasingly high in almost all sectors, call centres being among the most affected. <\/span>Based on data from 2008 to 2017<\/span><\/a>, call centre attrition fell gradually from 42 per cent in 2008 to 27 per cent in 2011. It started rising again from 2013 to reach 30 per cent in mid-2017.<\/span><\/p>\n

If these statistics are something to go by, CISOs and IT managers have a reason to worry. Maybe it’s time for HR to raise the entry requirements for call centre employees and compensate them generously to retain them. Organisations should also<\/span> support staff in difficult times<\/span><\/a> to give them peace of mind and boost employer loyalty.<\/span><\/p>\n

Tech Vulnerabilities in Remote Call Centres<\/b><\/h3>\n

Modern contact centres rely on digital systems to communicate with customers, and the technology is ever-evolving. However, criminals are continually finding ways to circumvent intrusion prevention and data security mechanisms.<\/span><\/p>\n

The invention of chip and pin technologies heightened payment card security to almost foolproof levels. Fraudsters had to find alternative workarounds, one of which was exploiting the phone channel.<\/span><\/p>\n

It’s not uncommon for VoIP<\/a> providers to allude that their services are secure, but is that the case? While vendors can apply the highest cybersecurity protocols in their systems, there’s always a chance that a criminal will break them. Hackers are fast learners who scrutinise software systems and exploit the smallest loopholes.<\/span><\/p>\n

As you can see, technology is vulnerable, and <\/span>employees can expose data accidentally<\/span><\/a> or maliciously. So, what can a data breach bring? Let’s discuss the damaging outcomes of a cybercrime.<\/span><\/p>\n

\"preyproject<\/p>\n

Consequences of a Data Breach<\/b><\/h2>\n

The repercussions of a data breach are hard-hitting. They can even wipe a successful business out of existence. Below are some of the most damaging consequences.<\/span><\/p>\n

Financial Loss<\/b><\/h3>\n

A data breach, especially one that exposes PII, can lead to untold financial implications. If customers lose money, you have to compensate them. You’ll also spend on incident response, investigations, legal fees, and setting up better security measures.<\/span><\/p>\n

Penalties for non-compliance are costly. In healthcare,<\/span> technology and healthcare are inseparable<\/span><\/a>, but stakeholders have to comply with strict regulation such as the Health Insurance Portability and Accountability Act (HIPAA) in the USA. Although the UK doesn\u2019t have a HIPAA equivalent per se, any <\/span>companies in the UK that do business in the US will need to abide by HIPAA laws<\/span><\/a>. Fines due to negligence can cost<\/span> $100 to $50,000 per violation<\/span><\/a>.<\/span><\/p>\n

Legal Action<\/b><\/h3>\n

The law requires organisations to demonstrate their ability to protect personal data from unauthorised access and misuse. If such information gets compromised, its owners can sue your business. Many victims in Europe and America have taken companies to court seeking compensation for data loss.<\/span><\/p>\n

Forensic Investigations<\/b><\/h3>\n

A company that has suffered a data breach is responsible for investigating the cause of the incident. The findings are useful in creating a more reliable defence strategy to avert future cybercrime attempts. However, the associated expenses, which are often unanticipated, are costly in the short term.<\/span><\/p>\n

Reputational Damage<\/b><\/h3>\n

A successful<\/span> customer retention strategy<\/span><\/a> requires a lot of time, effort, and resources. However, one data breach incident is enough to ruin your reputation and ruin your business. Once you’re a victim of a cyberattack, most customers will lose trust with your company and stop shopping with you.<\/span><\/p>\n

The worst part is that they will spread the word, either by telling others, protesting on social media, or commenting on your business website. You’ll lose out to competitors in no time.<\/span><\/p>\n

Operational Disruptions<\/b><\/h3>\n

Cyberattacks interfere with business operations in incredible ways. A distributed denial of service (DDoS) incident, for example, prevents legitimate users from accessing websites and online resources.<\/span><\/p>\n

The<\/span> cost of unexpected IT outage<\/span><\/a> is high. A <\/span>2015 attack brought the BBC domain down<\/span><\/a> for three hours, taking the on-demand radio and TV offline. It took the broadcasting giant about two weeks to recover.<\/span><\/p>\n

Cybercrime Prevention in Remote Call Centres<\/b><\/h2>\n

Organisations have to implement a multi-layer data security strategy to stop intruders from accessing sensitive information illegally. If you run a call centre, consider the following information security measures.<\/span><\/p>\n

\"preyproject<\/p>\n

Heighten Physical Security<\/b><\/h3>\n

Given a chance, bad actors would steal files right from their physical storage instead of struggling with sophisticated technologies. For this reason, safeguarding your data storage assets should be on top of your list. It revolves around physical controls.<\/span><\/p>\n

Ensure that only authorised staff can visit restricted areas such as server rooms. Only the employees on duty should use office computers. Install a reliable surveillance system and employ qualified personnel to monitor your offices.<\/span><\/p>\n

Apply Data Security Basics<\/b><\/h3>\n

There are some fundamental security practices that every department using computer systems should implement. These include:<\/span><\/p>\n