How can I secure my VoIP system? What are my call center’s internal and external threats? How can we better protect our customer’s personally identifiable information or PII? What data laws does my call center need to comply with? These were the questions that IT and security leaders were asking as they prepared for 2022.
Of course, no one was asking how a global pandemic might impact security operations.
No doubt, 2021 was strenuous for even the most advanced security departments. And while corporations having to move their entire workforce to remote changed everything, the unforeseen disruption to business operations also bubbled up all-new concerns many leaders hadn’t anticipated.
As we kick off 2022, there is still no clear understanding of what the “new normal” will look like. But there are three clear drivers changing the way businesses will communicate - both internally with employees and externally with their customers. To help, here are six actionable steps IT and security teams can take now to stay ahead of the unknown.
3 Drivers of Strengthened Communication Security in 2022
Today, it’s expected that enterprises will spend a collective $12.6 billion on cloud security tools by 2023. There are three trends driving the increased investment.
1. Remote Working
The most obvious and significant thing driving the need for stronger communication security is work-from-home models. In 2020, businesses rapidly shut their physical doors in defense of COVID-19. This left IT and security leaders around the world scrambling to ensure business ran as usual but from a 100% virtual interface. Nothing can put an organization's business continuity plans to the test like a global virus.
Thinking remote work would be temporary, companies were able to implement “band-aid” solutions for the interim. But new reports indicate that work from home models are here to stay. Gartner found that 74% of organizations plan to permanently shift at least some employees to work from home. And another study says that 35% of the customer experience (CX) workforce will work from home by 2023.
IT leaders are now faced with the reality that strengthened security measures, especially across virtual call centers, are a permanent part of their operations. In 2021, the pressure is on to build systems for the long haul. This means identifying and protecting against new security risks, investing in unified technologies, and providing visibility into every aspect of the business.
2. Increased Cybersecurity Threats
As businesses start to enhance their security measures, those with contact centers should take additional precautions. Since contact centers are a rich source of PII, such as credit card numbers and social security numbers, they’re often a hot spot for cybersecurity attacks.
What’s more worrisome is that prior to the pandemic, contact center agents around the world admitted not feeling confident in their organization’s contact center security. A study reported that:
- 30% of agents had access to customers’ payment card information or SSN on file even when they’re not on the phone with the customer.
- 72% of agencies required customers to read credit card information and SSN out loud.
Flash forward to 2020, a Verizon report stated that 52% of all breaches featured hacking, 28% involved malware and 33% included phishing or social engineering. Not to mention at the beginning of the pandemic, the FBI and CISA warned companies to prepare for increased vishing attacks as they transitioned to telework.
Given the lax practices around call center security in the past, and the uptick in hacks following the pandemic, fighting cybersecurity continues to be a top priority for security professionals.
3. Regulatory Compliance
Protecting consumer personal data is a growing initiative for organizations across the globe. It’s so important that governments are passing legislation left and right to protect consumer data. Some of the more notable laws for call centers to comply with include:
The Payment Card Industry Data Security Standard (PCI DSS):
This standard prohibits storing customer’s credit card information for extended periods of time. It also restricts the recording of the three-to-four-digit number on the back of credit cards.
Health Insurance Portability and Accountability Act (HIPAA):
This standard requires organizations to ensure the security of protected health information (PHI). This applies whenever you transfer, handle or share PHI.
The General Data Protection Regulation (GDPR):
Established in Europe, the GDPR has a broad international impact on business communications. The regulation requires secure management of all PII for EU citizens.
The California Consumer Privacy Act (CCPA):
Similar to GDPR, the CCPA requires secure management and transparent access to information about the collection, storage and use of all PII.
This is hardly breaking news. Maintaining compliance was a top priority for security leaders well before the COVID-19 pandemic. But remote work added a new level of complexity for managing compliance. Securely moving operations to the cloud while also maintaining compliance has been, and will continue to be, a dual responsibility for organizations.
6 Actions Security Leaders Are Taking Now
Permanent virtual call centers, increasing cybersecurity threats and managing regulatory compliance is a serious list of tasks for IT teams to take on. To help you get a head start, here are six actionable steps you can take right now to strengthen your business communications security in 2021 and beyond.
1. Creating a ‘Work From Home’ Security Standard
Something as simple as an agent using their business email address and password to sign up for an unapproved solution can put your business at risk for a breach. For this reason, it’s important for IT and Information Security teams to create a new set of standards that agents can easily understand and apply when working from home.
Today, security leaders are taking a much more proactive approach to monitor threats and mitigate risk. A few ways organizations are restructuring their at-home security standards include:
- Restricting VPN connections to manage devices
- Only giving agents access to the information they absolutely need
- Requiring multiple forms of authentication and enabling 2-step authentication
- Enabling reporting and analytics to have complete visibility into who is using company tools and from where
2. Moving Communications to the Cloud
Whether you’re a start-up or large enterprise, one thing is for certain - having the ability to scale your communication infrastructure up or down quickly as needed is imperative. That’s why it comes as no surprise that 90% of IT leaders will cease purchasing on-premise communication tools and switch to the cloud by the end of 2021.
Here are 5 reasons smart IT leaders are switching to the cloud:
- Operating From Anywhere
Cloud voice solutions eliminate the need for traditional voice server infrastructures on-site. Instead, VoIP allows data lines over the internet to be used for outbound and inbound calls.
Additionally, IP technology can be programmed remotely, eliminating the need for any hardware or technical support. When operating in a completely virtual environment, both of these factors are necessary for organizations.
As your organization grows, so does your communication system. An agile cloud solution can seamlessly scale up or down as required and ensure employees have access to the tech they need, exactly when they need it.
- Enhanced Employee Interactions
Even before COVID-19, many organizations were allowing some form of remote work. And with remote work comes internal communications challenges of their own. Modern cloud voice solutions provide solutions here as well through unified communications features such as instant messaging, collaboration tools, conference calling and call handling.
These tools allow employees to seamlessly operate as if they were in the office. Quick questions get answered with little interruption, meetings don’t need to be canceled because someone isn’t physically present, and shared calendars make scheduling team discussions easier than ever.
- Increased Performance At Less Cost
Legacy voice systems lacked the processing capabilities to perform AI at scale. This hinders organizations from making more agile, data-driven decisions. Not to mention, they are extremely expensive to install and manage.
With one easy monthly service payment, cloud solutions powered by AI give your team advanced analytics that can be used to make revenue-driving business decisions.
- Improved Customer Experience
The cloud allows your organization to connect customers directly with the department or individual they need without having to go through an operator. Features such as virtual agents, auto attendants and self-service drastically improve the experience your customers have with your company.
Those same features can also be customized to communicate holiday greetings, how your organization is handling COVID-19, frequently asked questions and anything else that might be valuable to your customers.
Lastly, cloud solutions ensure consistency and quality of customer communications with features like call recording and live call monitoring.
3. Adopting New Forms of Authentication and Authorization
With cybersecurity crime on the rise, a top priority for call centers is to adopt more secure ways of authentication and authorization.
A recent study shows that even though 54% of organizations are confident in their knowledge-based authentication, 34% of security leaders plan to adopt multi-factor authentication as an added layer of security.
In addition to multi-factor authentication, companies that offer customer support through applications are investing in biometrics. Biometric authentication uses face recognition, fingerprints or iris recognition to access the applications. In addition to being secure, biometrics also improves customer experience since once customers are in the app, they can access live chat and other communication features without further validation.
Lastly, with advanced contact center software, admins have the ability to define user permissions. This ensures only the employees who need access to call analytics and call recordings have those permissions. This is especially helpful for call center managers when monitoring customer service and KPIs.
4. Managing Call Handling Compliance
Maintaining regulatory compliance is another key reason leaders are bulking up the security of their communications.
Laws like PCI DSS prohibit call centers from recording CVV numbers, personal identification numbers and any other sensitive data. For that reason, security leaders are investing in API solutions that pause voice, screen recordings, chat, screen-share and co-browser sessions when call agents handle secure data. The regulation also requires agents to be logged in to be assigned a unique ID for security purposes, strengthening the need for two-factor authentication.
Organizations that transmit patient medical information are investing in cloud solutions for enhanced security. If this applies to your business, be sure to hire vendors who have undergone an independent audit to verify administrative, physical and technical controls required for HIPAA compliance.
For call centers specifically, choose a vendor who provides the option for external call recording storage. This way, PHI is stored and access is controlled from the business's AWS server.
5. Training Employees on Cybercrime
Because contact centers are a prime target for cybersecurity hacks, it’s important agents are trained for fraud and social engineering threats. Without the right tools and policies in place, your agents can become easy prey, encouraged to access sensitive information they shouldn’t have access to.
Require agents to participate in continuous cybersecurity training. This will ensure everyone is on the same page when it comes to security measures and policies. From knowing how to spot a potentially malicious link to identifying a vishing attempt, your virtual agents should be prepared for anything.
Another great way to keep your employees up-to-date with the latest in cybersecurity is by keeping up with your peers. Here are some forums IT leaders use to communicate with peers and stay ahead of cybersecurity trends:
- TechExams Community: A source of high-quality information on IT and security certifications training as well as a place for discussion on cybersecurity news, cloud updates and more.
- MalwareTips: A forum dedicated to the latest news in IT security. Join 56,000 members as they provide helpful tips and recommendations on how to improve digital privacy and security.
- Antionline: A long-standing forum featuring security discussions on issues like adware, firewalls, cyber scams and antivirus. It also covers software, training, conferences and other general industry discussions.
6. Unifying Technologies
As more companies move to remote work (and are no longer able to walk over to their peers and ask questions) it's even more important for them to be able to work efficiently -- meaning not having 10 tabs open and working across multiple platforms to do their job.
IT leaders have an opportunity to educate departments within their organization on technologies that can integrate seamlessly....and play an important role in assuring that as those technologies integrate -- security and compliance concerns are being addressed at the onset. For example, if your company is integrating your CRM into your call center platform, how is that PII being transferred? IT leaders have an important role to play in advising departments to align with vendors and technologies that share similar security practices.
At AVOXI, we automatically integrate call center activity with the most trusted CRM, HelpDesk and Chat technologies to seamlessly log remote agency activity. Take a peek at who we integrate with here.
A New Era for Business Communications
There is no denying it. 2020 was a tough year for IT and security leaders at enterprise-level organizations. COVID-19 added an extensive level of complexity to business communications while increasing their workload levels and accountability. Heading into the new year, successful organizations will have to take what they learned during the pandemic and continue to strengthen the security of their communications posture to align with the new normal.
By implementing remote workforce security standards, safeguarding your communications to the cloud and unifying your technologies across like-minded vendors, IT and security professionals will be able to ensure the business runs as-usual, without disruptions.
If your organization is looking for secure, reliable cloud communications - whether it’s global voice or contact center solutions - I’d encourage you to learn more about AVOXI. Over 6000 global businesses rely on us daily to keep their communications running and we’d welcome the opportunity to show you how we can help your business communicate better in the year ahead! Try our contact center platform or check out our expansive global voice catalog today.
Telecom Security Toolkit
A set of free resources for detecting and preventing security risks in your communication networks and technology.