In early 2020, conventional wisdom predicted that customer support was going digital and that companies would largely transition back to in-house support for interactions requiring the human touch. However, COVID taught us differently. Not only did it become impossible to staff internal CX operations in a timely manner, but digital customer experience required more guidance and personal interaction than anticipated. Many brands with at-home footprints, found it challenging to ramp up to meet the escalating demand internally. However, they expected their CX partners to do so—and quickly.
Focus on People, Process, and Technology
The first few months of the pandemic were a sprint to get agents up and running at home. Some organizations decided to scale existing solutions to accommodate the growth in capacity. Others like ResultsCX, built a new platform from scratch, benefiting from the ability to incorporate far stronger security measures in a brand-new system. That’s when many organizations learned that there are three make-or-break components of home-based support: people, process, and technology – and security is a big part of all of them. First, you need people who understand how to work securely in a virtual environment. Then, operating processes must be completely shifted and adapted to match a virtual environment; security considerations must apply to every altered process, as well as to every change in the technology involved, which in many cases needed to be completely re-architected.
Think about the former contact center environment, where managing core security practices was systematized until it was practically effortless; everything, from a clean desktop to what showed up on agent PCs, was constantly monitored on the production floor. In the new remote world, every PC in a home becomes in essence a contact center, with its own network that must be kept secure. Every function needs to feed into a single secure platform. Systems for training, coaching, and monitoring had to be reimagined and scaled in ways that had never been done before. Many businesses skipped that necessary step, opening themselves up to security risks, as well as network penetration and hacking.
Managing all these networks also requires managing the increased risks—whether data leaks, privacy breaches, increased credit card fraud, or other serious threats. In many cases, clients used third parties as technology partners for the work-at-home transition. In essence the security threat quintupled overnight.
Web Log-In Access and VPN—What Can Go Wrong
One way that organizations accommodated their new remote workforces was to simply allow agents to access applications with web passwords and logins from home, without taking into consideration that this could now involve thousands of agents across multiple vendors. In many instances, there was no way to monitor access, which opened clients up to epic levels of fraud. In a situation like this, 1- 5% of agents are likely to do something inappropriate or potentially even break client, industry, state, or federal regulations. Once system access opened on the web, hackers across the globe were eager to take advantage of many organizations’ limited ability to block their access.
Scaling Existing Solutions to Accommodate Volume Growth Didn’t Work
Some companies entered the work-at-home era with VPN systems that supported general and administrative staff, but not customers. Many of the CRMs and primary software tools weren’t reconfigured for work-at-home. This meant an employee could work on a VPN, then log off to spend personal time on the internet. If the employee accidentally downloaded a virus, it now had an infection path straight into the company network the next time that employee used the VPN for system access.
During the transition to work-from-home, some large BPO providers were hit by ransomware. Almost without exception, these attacks entered through technology the business already used and assumed would scale effectively. What was thought to be a secure, stable platform really was a stable, but not universally secure platform. The vulnerability posed by VPN on home PCs was not recognized; bad actors caught on early and quickly seized on the opportunity.
Helping Clients Handle Security
A strong security stance involves a deep commitment to security measures at the highest level. It means applying strict controls to your systems and processes and limiting access whenever and wherever necessary. It also requires frequent security reviews. For instance, several times a week, our security experts conduct reviews with our clients, examining their security configurations and offering guidance on implementing additional best practices.
Many clients realize that our daily diligence with managing security across multiple industries makes us a source of knowledge on new or unexpected threats, as well as trustworthy advisors on steps to take and tools to implement. Recently, a client reached out to our Information Security team with questions about adopting a new cloud ACD platform. Five years ago, such outreach by our clients was rare. Our success at maintaining a secure environment makes us an important security resource for our clients – allowing us to better position them against the onslaught of hacking, phishing, and other attempts to breach systems.
Learn more about building a stronger information security environment