Work from Home (WFH) Contact Center Agents Introduce New Concerns

Recording contact center calls is not new. Office-based contact centers have long been making call recordings for training purposes. To ensure positive, productive agent interactions, supervisor barge-ins have been routine.

Moreover, when it comes to financial transactions, recording customer interactions has been, and still is, important to organizational compliance requirements.

In the call center of old, agents didn’t expect any degree of privacy.

The same tasks in a new set of walls raises privacy concerns

The difference now? Contact center tasks increasingly happen in a home office.

Since cloud contact centers must log all activity to fulfill its customer experience mission, organizations should not confuse logging with “bossware” tools that are designed to monitor employees.

Cloud contact center solutions enable a high quality agent experience by using a workforce management application. By using this kind of tool, enterprises generally get new levels of visibility and control.

For example, detailed logging with date and time stamps that are designed to help ensure consistent, fast, and friendly problem resolution show agent activity. Since logs are always complete, regardless of whether an interaction is voice, email, webchat, text or social media, agent activities are easy to see at all times. Even in the home office.

Security concerns can piggyback remote cloud contact centers

In many cases, remote-working agents can access sensitive data, like personally identifiable information. It’s incumbent on the enterprise to have both security technologies and processes in place to ensure proper data security.

In an on-prem call center, all data stays on the corporate network. That network is secured by firewalls, intrusion detection gear, and other security services. These aren’t always realistic in a home office, though.

So, how do contact centers adapt to meet the needs of remote cloud contact center agents?

WFH changes how agents work and live with your cloud contact center

Supervisors need to respect organization agent personal time, boundaries, and human needs. Consider the following best practices.

Establish trust with your WFH organization agents.

Encourage agents to take regular breaks – don’t expect anyone to work an 8-hour shift without breaks. Make sure agents keep their status updated, so contact volume stays well-managed. Extend flexible scheduling to agents control over their work schedule. Plan staffing to avoid frequent alerting or messaging to add extra agents, or even machine agents, to meet demand spikes.

Demonstrate the positive benefits of Workforce Management (WFM) tools.

Detailed logs of omnichannel interactions bring some great benefits. For example, WFM apps allow supervisors to view accurate forecasts for the day ahead. Supervisors save time with automatic scheduling, while agents can sign up for schedules that flex to meet their distinct needs.

Empower contact center agents.

Give them more control over their interactions and allow them to tackle each customer problem without a standard script. Use self-service, intelligent chatbots, and artificial intelligence to answer routine inquiries. This way, interactions your agents handle will be less and less standard. And then by letting agents engage as they see fit, both customers and agents enjoy a better experience.

Provide VPNs with split tunneling.

This turns a single Internet connection into two. One goes through the VPN’s encrypted tunnel. The second is an ordinary home Internet connection—hence, “split tunneling.” It’s great for organization WFH agents who need security for some things, and speed for others.

So how does this protect both security and privacy?

For work, WFH agents access organization resources through the encrypted VPN. They use the unencrypted Internet connection and a browser for cloud contact center access – with its own security - through the unencrypted tunnel. Hence, the enterprise gets peace of mind that their remote agents securely operate.

During off-work hours, WFH agents use this unencrypted part for personal Internet activities. This way, agents get privacy from their employers.

Protect customer data in your remote cloud contact centers

For organizations with a hybrid or remote contact center, lock down security wherever agents work.

Implement Zero Trust

An integrated approach to security, specifically zero trust is essential. Zero trust is a strategy and an architecture that protects organization infrastructure by following least privilege access, or whitelisting for resource access.

Specifically, users and devices must have explicit permission to access resources, even when inside the perimeter.

Identity is at the core of zero-trust, so rock-solid identity management must be in place. It authenticates user identity using multi-factor authentication.

In addition, organizations need to deploy an endpoint protection platform. And it needs to include the array of endpoints an agent might use, including laptops, tablets, and mobile phones.

This way, there’s authentication for the agents and the devices they use – that, in real-time, determines whether to allow access.

Make sure your cloud contact center has privacy and security safeguards

For organizations, encryption for both data in-transit and at rest protects all customer records, including interactions, credit card or personal identifying information. There can be no compromises.

In addition, your cloud contact center partner should follow some important high-level architectural principles. You should make sure that your Contact Center as a Service (CCaaS) vendor:

• Works with identity/Single Sign On (SSO) providers with native integrations using SAML2.0, like Active Directory, Okta, or Sailpoint

• Uses Two-Factor Authentication (2FA) and authenticates agent identities via email or text to a mobile phone

• Encrypts all stored Call Detail Record (CDR) data

• Enables encrypted storage of recordings on choice of shared or dedicated storage drives

• Allows cloud contact center agent access via secure, encrypted browser session — which support TLS1.2 for session lockdown and DTLS-SRTP for calls delivered into agent browsers

• Monitors perimeter continuously with state-of the art firewalls, intrusion protection/Intrusion detection devices

• Protects servers deployed in clusters with anti-virus with virus definitions distributed daily

• Scans for vulnerabilities, any detected are remediated according to severity

• Conducts regular, independent, external penetration testing

• Provides audit trails to know who made what change to what application

• Logs all changes by time, date, and user for every organization using the cloud contact center

• Offboards departing users immediately to reduce insider threats

This list is long, but your organization can’t afford to take security and privacy shortcuts. In addition, CCaaS solutions built on a private cloud – and not third-party cloud infrastructure providers – are the most secure.