For both cloud contact center agents and customers, security and privacy are non-negotiable requirements. Customers need to make sure their sensitive data is private and secure. But at the same time, enterprises need to ensure remote contact center agent security and privacy concerns are also met.
Along with their cloud contact center solution, organizations need to use a combination of other technology and management practices for rock solid security and privacy that builds trust – for both agents and customers.
In this article, we outline the basics of remote contact center agent security and privacy, including:
The new concerns that working from home raises
Best practices to manage remote agents
How to protect customer data in your remote cloud contact centers
Work from Home (WFH) Contact Center Agents Introduce New Concerns
Recording contact center calls is not new. Office-based contact centers have long been making call recordings for training purposes. To ensure positive, productive agent interactions, supervisor barge-ins have been routine.
Moreover, when it comes to financial transactions, recording customer interactions has been, and still is, important to organizational compliance requirements.
In the call center of old, agents didn’t expect any degree of privacy.
The same tasks in a new set of walls raises privacy concerns
The difference now? Contact center tasks increasingly happen in a home office.
Since cloud contact centers must log all activity to fulfill its customer experience mission, organizations should not confuse logging with “bossware” tools that are designed to monitor employees.
Cloud contact center solutions enable a high quality agent experience by using a workforce management application. By using this kind of tool, enterprises generally get new levels of visibility and control.
For example, detailed logging with date and time stamps that are designed to help ensure consistent, fast, and friendly problem resolution show agent activity. Since logs are always complete, regardless of whether an interaction is voice, email, webchat, text or social media, agent activities are easy to see at all times. Even in the home office.
Security concerns can piggyback remote cloud contact centers
In many cases, remote-working agents can access sensitive data, like personally identifiable information. It’s incumbent on the enterprise to have both security technologies and processes in place to ensure proper data security.
In an on-prem call center, all data stays on the corporate network. That network is secured by firewalls, intrusion detection gear, and other security services. These aren’t always realistic in a home office, though.
So, how do contact centers adapt to meet the needs of remote cloud contact center agents?
WFH changes how agents work and live with your cloud contact center
Supervisors need to respect organization agent personal time, boundaries, and human needs. Consider the following best practices.
Establish trust with your WFH organization agents.
Encourage agents to take regular breaks – don’t expect anyone to work an 8-hour shift without breaks. Make sure agents keep their status updated, so contact volume stays well-managed. Extend flexible scheduling to agents control over their work schedule. Plan staffing to avoid frequent alerting or messaging to add extra agents, or even machine agents, to meet demand spikes.
Demonstrate the positive benefits of Workforce Management (WFM) tools.
Detailed logs of omnichannel interactions bring some great benefits. For example, WFM apps allow supervisors to view accurate forecasts for the day ahead. Supervisors save time with automatic scheduling, while agents can sign up for schedules that flex to meet their distinct needs.
Empower contact center agents.
Give them more control over their interactions and allow them to tackle each customer problem without a standard script. Use self-service, intelligent chatbots, and artificial intelligence to answer routine inquiries. This way, interactions your agents handle will be less and less standard. And then by letting agents engage as they see fit, both customers and agents enjoy a better experience.
Provide VPNs with split tunneling.
This turns a single Internet connection into two. One goes through the VPN’s encrypted tunnel. The second is an ordinary home Internet connection—hence, “split tunneling.” It’s great for organization WFH agents who need security for some things, and speed for others.
So how does this protect both security and privacy?
For work, WFH agents access organization resources through the encrypted VPN. They use the unencrypted Internet connection and a browser for cloud contact center access – with its own security - through the unencrypted tunnel. Hence, the enterprise gets peace of mind that their remote agents securely operate.
During off-work hours, WFH agents use this unencrypted part for personal Internet activities. This way, agents get privacy from their employers.
Protect customer data in your remote cloud contact centers
For organizations with a hybrid or remote contact center, lock down security wherever agents work.
Implement Zero Trust
An integrated approach to security, specifically zero trust is essential. Zero trust is a strategy and an architecture that protects organization infrastructure by following least privilege access, or whitelisting for resource access.
Specifically, users and devices must have explicit permission to access resources, even when inside the perimeter.
Identity is at the core of zero-trust, so rock-solid identity management must be in place. It authenticates user identity using multi-factor authentication.
In addition, organizations need to deploy an endpoint protection platform. And it needs to include the array of endpoints an agent might use, including laptops, tablets, and mobile phones.
This way, there’s authentication for the agents and the devices they use – that, in real-time, determines whether to allow access.
Make sure your cloud contact center has privacy and security safeguards
For organizations, encryption for both data in-transit and at rest protects all customer records, including interactions, credit card or personal identifying information. There can be no compromises.
In addition, your cloud contact center partner should follow some important high-level architectural principles. You should make sure that your Contact Center as a Service (CCaaS) vendor:
Works with identity/Single Sign On (SSO) providers with native integrations using SAML2.0, like Active Directory, Okta, or Sailpoint
Uses Two-Factor Authentication (2FA) and authenticates agent identities via email or text to a mobile phone
Encrypts all stored Call Detail Record (CDR) data
Enables encrypted storage of recordings on choice of shared or dedicated storage drives
Allows cloud contact center agent access via secure, encrypted browser session — which support TLS1.2 for session lockdown and DTLS-SRTP for calls delivered into agent browsers
Monitors perimeter continuously with state-of the art firewalls, intrusion protection/Intrusion detection devices
Protects servers deployed in clusters with anti-virus with virus definitions distributed daily
Scans for vulnerabilities, any detected are remediated according to severity
Conducts regular, independent, external penetration testing
Provides audit trails to know who made what change to what application
Logs all changes by time, date, and user for every organization using the cloud contact center
Offboards departing users immediately to reduce insider threats
This list is long, but your organization can’t afford to take security and privacy shortcuts. In addition, CCaaS solutions built on a private cloud – and not third-party cloud infrastructure providers – are the most secure.
With Great Security and Privacy, Remote Contact Center Agents are Here to Stay
After a few years of working from home, it’s now become a way of life. Among its many benefits, agents love working at home. The big challenge is security and privacy.
However, the right cloud contact center can help organizations confidently operate a secure, productive remote workplace.
Build brand loyalty through strong security with Content Guru. Learn more about our security and compliance service here.