In modern business capturing data, in whatever form, is a
common activity in companies large or small, in retail or hospitality, B2B or
heavy industry. But whilst everyone understands and appreciates the role that
captured data plays, not everyone takes data security as seriously.
Whenever someone fills out a form and gives their data there
is an expectation that it will be kept secure and used discretely, working to improve
the information and service they receive. The truth is that this is not always
the case. In the recent Adestra Email Marketing Industry Census 2012 it was
stated that of client side companies, only 56% have policies in place to guard
against data breaches, and worse still, just 47% of supply-side companies have
data security processes in place.
The report further evidenced the problem by stating that
around a quarter of agencies failed to know what data security policies were in
place and amazingly, some didn’t even know if policies existed in their company.
The statistics reveal that in some sectors there is an utter lack of awareness
of the issues surrounding data security and that many operators are woefully
underprepared to respond to and proactively protect against security breaches.
It is not simply inadequacies in preparation and negligence
of the issues however. A recent article in the Sunday Times and Marketing Week
highlighted the malicious misuse of data and the burgeoning black market
surrounding the personal details of UK residents in Indian contact centres.
This illegal sale of data is according to one police source; “out of control”
although fear of negative publicity has led to many cases being covered up.
The illegal sale of data in Indian contact centres is
currently being investigated by the ICO, providing yet more impetus for UK
companies to keep their contact centre operations onshore and appear more
committed to protecting their customers’ data.
At EWA it has been one of our objectives for some time to make sure that
we make sure we promote and protect our clients and their reputations through
pursuing robust data security measures.
To do this it’s critical that we keep client information
secure. If we fail, then we compromise our clients’ integrity and their
customers’ rights and even safety. If you are looking for a contact centre or
outsourced contact solutions then from a security point of view, ISO27001
Accreditation should be seen as a priority in your selection process.
So how do you keep
data secure?
We protect against
internal threats by having a clearly defined barrier between contact centre
agents and the data centres where raw data is stored. This prevents a member of
staff from manipulating or downloading data directly and is achieved by not
storing data locally, and insisting that remote servers are used to view data.
This ensures that the employee can see the data, but will never have access to
all of the customer’s details.
We protect against
external threats such as third party hackers by ensuring all access points
into the IT infrastructure, whether they are agency of client side are secure. This
security is ensured by installing multiple layers of firewalls and implementing
infrastructures which can be segmented to enforce traffic segregation,
eliminating data traffic misrouting.
Dealing with threats is one thing; protection from the technology itself is another. With huge amounts
of personal data being stored it is vital that contact centres have the ability
to not only store data securely but also to return intact data on request. This
requires the contact centres to not only be experts in customer contact, but
also experts in the archival and retrieval of data.
Having these security measures is vital for any agency that
holds customer data, it is equally important however that there are tools,
processes and procedures present that will monitor and test the ongoing
performance of such security measures.
Only through this continued vigilance over the data being passed from
the database to the right client or agent is it possible to instil confidence
in customers that their data is being actively protected from risk.