4 Ways to Defend Contact Centres from Cyber Crime

4 ways to defend against Cyber Criminals attempt to infiltrate Contact Centres

Jas Bansal

Jas Bansal

Head of Marketing, Kerv Experience|Kerv Experience

A passionate, enthusiastic marketeer, Jas oversees the entire mix, driving new business and building client relationships through sales and marketing campaigns, events, PR, and more.

Published 17/01/23 under:

Have a question?

Get in touch

Introducing a paper five years ago, PwC said:

“Give customers a great experience and they’ll buy more, be more loyal and share their experience with friends. That’s what every company strives for.”


How time flies. While PwC back then recognised one in three consumers will walk away after just one bad experience, the security word wasn’t even mentioned. It took the pandemic-induced explosion in digital channels and remote working for McKinsey (and others) to introduce consumer identity and access management (CIAM) into the argument.

Now, 75 percent of UK contact centre businesses are concerned about cybersecurity when remote working, according to research by ContactBabel.

1) Remote workforces bring unique challenges: aim for a security centre of excellence

It’s only a matter of time before most companies deploy a hybrid, if not fully remote, workforce. That has a wide range of benefits: happier, healthier employees, lower operating costs, and a smaller carbon footprint. But it’s not without security risks.

An HP study found 70 percent of remote office workers said they use work devices for personal tasks, while 69 percent use personal laptops or printers to do their work. So, with more agents working from home, contact centres need clearly defined security protocols.

It’s not just remote working, of course. While increases in cybercrime have similar roots, villains intent on making ill-gotten gains from identity fraud have woken up to the size of the swindles out there. And contact centres are at the forefront of the onslaught. Not least because of the huge growth in the attack surface on offer.

If customers know an organisation can keep their data safe, they have a more positive experience says a TechTarget article. While contact centres have often struggled to protect client data, demonstrable best practices can help engender trust. Establishing the contact centre as a security centre of excellence is key to enhancing customer confidence.

A Genesys paper says data fencing – restricting access to data by location – is table stakes in the age of flexible labour. Whether on internal servers, in the cloud, on employee devices, or transiting between endpoints, data must be prevented from crossing compliance boundaries.

The web browser remains vulnerable with user credentials and passwords as targets. Exploiting the browser happens in a variety of ways, such as the cache and stored passwords. Kerv Experience says address such weak spots by installing robust web application firewalls on all company devices and networks and insist employees only connect using private, secured Wi-Fi.

2) Consumers demand more control over their data: seek safety from cyberattacks

When it comes to CIAM, the McKinsey paper says while companies continue to expand their consumer-facing digital platforms, consumers struggle with authentication processes. Much dissatisfaction stems from complexity introduced to thwart increasing cyberthreats.

Leading companies are thinking about a secure customer journey – an engaging online and mobile experience safe from cyberattacks and fraudsters. The importance of this has grown. Most have seen the num­ber of customer accounts and associated data sets proliferate. The expansion of digital channels has also expanded the field for malicious actors with more opportunities to commit fraud or take over accounts.

At the same time, regulators are also pressing organisations to secure the customer journey. Many organisations collect and use customer data to offer personalised digital experiences, but they have not all taken effective measures to prevent the risks data breaches pose to their customers’ privacy.

A 2021 survey by KPMG found consumer anxiety about data remains high: 86 percent of consumers are concerned about privacy issues and 78 percent worry about the amount of data collected. Despite this data collection has increased, even while security measures seem to lag: the same KPMG study found 62 percent admitted they could do more to strengthen their data protection measures.

Genesys points out there’s a paradox. Consumers are concerned about data privacy, but they also want personalised experiences. By including transparency into everyday data operations means being clear about what one intends to do with it and ensuring that, when possible, data is anonymised. Being transparent also means giving customers more control over what data they want to share.

3) Housing massive amounts of data poses a threat: keep technology current

Minimising unnecessary data access is an often-overlooked measure. Putting in place system permissions and deleting employee access to accounts when people leave the company make sense. Masking sensitive data to limit the information displayed to employees is a no-brainer. PCI DSS procedures are an obvious example.

Guaranteeing data accessibility to the right people is essential. For example, an agent should log on with a unique ID and password, following an identity and access management process for user authorisation. Meanwhile keeping technology current ensures systems and components are up to date, as bad actors always test systems for unsuspected openings.

Note cloud-based systems eliminate many such loopholes. That’s why a growing number of companies are choosing contact centre as a service (CCaaS). Building on a microservices foundation (like AWS and Genesys Cloud CX) allows security walls or layers within the solution. This means the attack surface becomes smaller than the whole, limiting the threat opportunity.

Given the sophistication of current cyberattacks, companies can’t assume one methodology will solve all security problems. The key is to secure all data – not just the network. To minimise the impact of a potential data breach, part of building the right infrastructure is to integrate security at various layers. This includes encrypting data at rest and in motion.

Also, when building security layers, think past the conventional CIO role of after-the-event intervention. Partner with technology leaders like Kerv Experience early and strategically to ensure security is prioritised and operationalised across the entire organisation.

4) Cloud is now the baseline for better security: ensure intelligent data transfer

A Gemalto survey of 10,500 enterprises and 1,050 IT decision makers from 11 countries revealed companies struggle to control their data. Only 54 percent know where their sensitive data is stored, and 91 percent of IT decision-makers believe they should be better prepared to take advantage of the growing volume of data available. In addition, only 55 percent believe they are GDPR compliant. These numbers reveal contact centre risk management weaknesses.

Customer conversations must be secure. In fact, with each call they share personal and, sometimes, confidential information with agents. It’s therefore necessary to guarantee the security of this information and to reassure customers of that fact. The use of artificial intelligence (AI) and the implementation of an IVR help by ensuring intelligent data transfer according to the caller’s needs.

Kerv Experience partners like Genesys fight against the virtually limitless ways cyber criminals try to infiltrate a contact centre infrastructure. Such scams include, for example, attempting to get employees to unwittingly open suspicious websites or click malicious email links. Yet hackers have become still more sophisticated, and their intrusion schemes ever more dangerous. Such as finding a backdoor to access a computer and cripple the system with a DDoS attack (especially via an unprotected remote working machine).

That’s why investing in training is critical to a security strategy to ensure reliable operations, prevent mistakes, and maintain customer trust.

Genesys Cloud CX™ with Genesys Trust Centre is a comprehensive solution that not only offers a market-leading customer and employee experience, but also safeguards systems and data from cyberthreats. Helping secure clients’ critical personal information, it helps ensure employees work safely online and trains them about threats like phishing attacks and browser security warnings.

Inspiring client confidence, this keeps systems and data safe through our compliance portfolio, demonstrating the Genesys Cloud CX™ commitment to security improvements internally as well as security assurance externally. Genesys leadership is intrinsic to driving this information security and compliance posture through resourcing, culture, and continued diligence.

In fact, one of the reasons why Kerv Experience went all-in with Genesys is their leadership of industry best practices, relevant and appropriate international standards, and – where applicable – national legislation. These provide the greatest assurance internally and externally. Those things also set Genesys apart and show commitment to be best in class from a security and privacy perspective, as well as in its products and services.

Finally regular, comprehensive agent training keeps everyone on their toes and ensures security provisions and policies are always fit for purpose.


You might also be interested in

From our world to yours

Life at Kerv as a Head of Customer Success

From our world to yours

How Financial Institutions are Overcoming Regulatory Challenges

From our world to yours

PureGym emerges one of the fittest at this year’s European Contact Centre...

From our world to yours

Migration Services Assured for Genesys PureConnect Contact Centre Customers

From our world to yours

Mobile Voice Recording: Migration, Integration and Monitoring

From our world to yours

Does your existing solution ensure MS Teams eComms Compliance?

From our world to yours

End-to-End Communications and Compliance Guide

From our world to yours

Cost Effective Strategies for Optimising AI Benefits in BPOs

From our world to yours

MCA Selects Kerv Digital for Innovative Microsoft Dynamics 365 Programme

From our world to yours

The Necessity of AI for Business Leaders

From our world to yours

Compliance Cloud: The Comprehensive Managed Recording Solution

From our world to yours

Rapid-WAN: High-Speed, Uninterrupted SD-WAN

From our world to yours

Life at Kerv as a Principal Solutions Consultant

From our world to yours

Four Top Tips for Contact Centre Cost-Cutting in 2024

From our world to yours

Back to Basics: Microsoft Power Platform

From our world to yours

Kerv wins Rising Star Award at the CRN Channel Awards 2023! 

From our world to yours

Guide to optimising your Azure cloud environment

From our world to yours

Bewitching Business with Microsoft Magic

From our world to yours

Retail Revolution: Boosting Connectivity & CX with SD-WAN

From our world to yours

Taking Advantage of Generative AI & Microsoft Copilot – Business Leaders Workshop

From our world to yours

Accelerating Business: The Power of Kerv Rapid-WAN

From our world to yours

How the FCA’s New Consumer Duty Affects Compliance Recording: A Deep Dive...

From our world to yours

The Road to a Green Future: Sustainability for the Transport Industry via...

From our world to yours

Life at Kerv as an Account Manager

From our world to yours

PureGym Solves Peak Demand Challenges with Digital and AI

Have a question?

Leave your details and a member of the team will be in touch to help.

"*" indicates required fields

By pressing send, you agree to our Terms and Conditions and Privacy Policy.
This field is for validation purposes and should be left unchanged.