Information Security
Mitigate security threats in your contact center
By Jennifer Bonacci
0 min read
Maintain control in the new remote work model and increase contact center security.
The increased opportunity to work remotely is beneficial to both the employer (reduced overhead) and the employee (more flexibility), but it has also increased the number of vulnerable attack vectors. These are weaker points in the tech stack infrastructure created when home, business, and operating systems are linked together, making them more susceptible to hackers, insider threats, and viruses.
This virtual stretching of the network outside of the traditional central office exposes data in ways that have never been seen before, contributing to what Forrester called “a perfect storm for insider threats.” A report from Metrigy shows that, with more than half of companies surveyed planning to continue supporting work-from-home (WFH) agents after the pandemic, insider threats are a persistent challenge.
To mitigate these threats and take control of your contact center’s WFH infrastructure and security management, you need to better understand the vulnerabilities in your systems and processes. By doing this, you can effectively plan and implement a solution for a continually changing situation, as well as help your agents make better and less risky decisions, no matter where they are located.
What the lawyer cat can teach us about the different levels and types of insider threats.
In February 2021, Ron Ponton found himself an unwitting Internet star after borrowing his assistant’s computer (which had most recently been used by her child) to join a Zoom court hearing. Little did he know, a cat filter had been installed turning his face into an animated feline. While he struggled unsuccessfully to turn it off, he spoke these now infamous words to the judge, “I am not a cat.”
While amusing, this story is just one of many compromising incidents resulting from the COVID-accelerated shift to remote work that blurred the line between professional and personal lives.
This overlap resulted in more weak points across the digital infrastructure of many companies as they worked to quickly get their employees up and running. Suddenly, many employees found themselves having to work with whatever was available, conducting business from their personal computers, or conversely, taking care of personal tasks on their work computers.
The lawyer cat is a great example of how common, and possibly compromising, sharing devices can be. But even those employees working from home with dedicated hardware face new obstacles that could trigger negative consequences across the company.
Competition for network bandwidth from both classes and work being conducted through data-hungry video conferencing programs led to annoyingly slow connectivity or getting kicked off the network altogether, compromising employee efficacy and awareness.
People, processes, and technology: Bridging the WFH security gap.
1. People.
There are three takeaways here. The first has to do with people. Security breaches don’t always come from malicious hackers outside the organization. And insider threats don’t always come from someone intent on doing harm.
Threats can range from lack of awareness (e.g., connecting to the company network through an inherently less secure public WiFi spot; becoming the victim of a phishing attack; or letting someone borrow a work computer) to overt, ill-intentioned actions (e.g., misusing or leaking corporate data; installing unauthorized applications; knowingly trying to spread malware).
Because working from home means there is no longer the physical presence of a supervisor walking the floor to help mitigate risk, it’s imperative that agents and supervisors work together to define and create the optimal WFH environment.
For supervisors, for example, this means hiring the right people who are willing to do their part to keep the company data secure, even when they are out of sight in their home office. When agents and supervisors work together toward this shared goal, it alleviates pressure on IT and security teams and allows those teams to focus on more complex issues.
2. Processes.
Along with hiring the right people, the right processes need to be in place to help a business maintain control. To prevent unintentional breaches and to help forestall malicious threats in this new WFH environment, companies need to reevaluate their processes and procedures and adapt them to be effective both in a central office, as well as across a wide network of remote employees.
For instance, voice biometric technology, which uses unique biological characteristics to verify an individual’s identity, helps both WFH and in-house agents. Unlike unique passwords or pin codes, the voice can’t be stolen or lost and AI algorithms can be trained to detect spoofing or synthetic voices.
To be successful, the right tools need to be put in place. This brings us to the third point: technology.
"Yesterday’s solutions that focused only on securing the physical contact center won’t cut it in the new WFH economy."
3. Technology.
Security infrastructure has been traditionally designed to meet the needs of contained, central-office environments, where monitoring compliance and employee efficacy was relatively easy. A single floor supervisor was able to monitor a greater number of employees and ensure, for example, that nobody was downloading files or accessing private data.
The permanent change in the work landscape makes it imperative that contact centers align their priorities with this new reality if they want to remain competitive and, most importantly, in control of their distributed workforce.
Yesterday’s solutions that focused only on securing the physical contact center won’t cut it in the new WFH economy. What’s needed are new tools that not only identify vulnerabilities but also empower agents to make better decisions.
“Good dog, Lassie!”: Security is a shared responsibility.
There is no silver bullet for cybersecurity. Cyber attacks and security solutions are locked in a modern-day cold war, where new threats trigger new solutions—going round and round. Relying on human intervention alone to stay ahead of these attacks is reminiscent of the proverbial Dutch boy trying to stop a dam from bursting by jamming his fingers in the cracks.
However, AI, trained to identify risky behavior and hard-to-find patterns, can take much of that lift off your shoulders.
The AI-human partnership can help boost the security of critical networks and infrastructure. Just like Lassie was an additional partner to the family (instead of a replacement for Timmy) and acted as an added layer of security to alert humans whenever Timmy fell into a well, or similar danger, Talkdesk Guardian is an added layer of security for your contact center.
Talkdesk Guardian is a new AI-driven security and productivity solution from Talkdesk that gives contact centers the power to achieve greater operational efficiency and better security through real-time insights into agent activity, network access, and unusual behavior.
Guardian protects your data by continuously monitoring vulnerabilities. It also performs procedural compliance and automatically alerts supervisors and agents whenever something anomalous is detected.
If potential malicious activity is found, supervisors are alerted before the threat becomes a significant business risk. If agents are accessing an unsecure network or engaging in non-compliant behavior, they are notified immediately and can take corrective action.
A cloud contact center security suite that adds value to your day-to-day operations.
While security is at the forefront of Guardian, this unique solution also makes day-to-day operations easier to monitor and control. In addition to alerting agents about bad or suboptimal network connections, Guardian also alerts administrators in order to implement a more strategic fix.
Supervisors can also take advantage of the detailed agent profiles automatically built using quantitative data. By providing key insights into agent performance, these profiles can be used for evaluative purposes, ensuring your most important processes and protocols are followed. And with a better understanding of your contact center’s personnel needs, you now have the tools to meet key performance indicators (KPIs) such as average handle time (AHT).
Additionally, supervisors can also instantly tell who is currently logged into the contact center and the security of their access. This information is always updated in real-time and can be filtered by multiple parameters, including department, geography, and ring group.
You can have a secure WFH contact center.
A distributed workforce makes contact centers highly susceptible to security breaches. Without a dedicated solution to monitor and identify the unique potential threats coming from WFH environments, there can be real security consequences.
The traditional security measures that have been effective up until now are no longer adequate enough to protect sensitive customer data and maintain the integrity of daily operations across the highly individualized workforce of the post-COVID world. Additional AI monitoring and detection is needed.
Whether it’s lack of awareness, inconsistent policy enforcement, or deliberate fraud, Guardian can help close critical vulnerabilities in the contact center and boost agent productivity. Knowing the weak links in your security infrastructure allows you to address them before they manifest into major risks to your operations.
Guardian drives efficiencies across your contact center and lays the groundwork for your business to continue to maintain its security profile while also protecting profits and growing revenue.
To learn more about Talkdesk Guardian watch the conversation between Rui Biscaia, head of Guardian product development, Thomas Rude of Resideo, and Rob Meikle, the former CIO of the City of Toronto.
