Since the early days of work-at-home customer service, customer experience (CX) and BPO providers have always struggled with the same issue: how to replicate in-center security and compliance practices in a virtual setting.
Today, with work-at-home CX now accelerating, brands are finally coming around to the idea that a virtual workforce can actually increase security, especially when leveraging the security and compliance tools available through pure-play work-at-home providers.
Still, we understand that compliance and security are paramount for many businesses, so here are the three main security protocols and tools that all BPOs and CX providers should have in place when operating in a virtual setting.
Virtual Desktop Infrastructure
Without a doubt, the first and most important element in a work-at-home setup is virtual desktop infrastructure (VDI), a cloud-based tool that separates the corporate desktop environment from the employee’s physical hardware.
VDIs allow BPOs to control and monitor employee workflows, providing the ability to manage all the applications and tools available to a work-at-home agent. From a security perspective, VDIs ensure that employees cannot copy information from one platform to another. For instance, you can remove the copy/paste functionality or hide specific fields that contain sensitive data.
Simply put, without a robust VDI in place, BPOs and CX providers are at higher risk of hacks, cybersecurity breaches, and internal threats from rogue employees.
Clean Desk Policy and Active Compliance Monitoring
Most contact centers have a clean desk policy and inspection process, so why should that be any different in a work-at-home environment?
Employees should have clear desks at all times during their shifts, with no paper, pens, notebooks, phones, cameras, or any tools that could lead to data theft.
The inspection process is more difficult than in-center, as supervisors cannot simply walk the floor, but that shouldn’t mean it’s overlooked. BPOs should have the ability to perform regular, mandatory, virtual spot checks, using cameras such as webcams, IP cameras, or even video calls on employee cellphones to assess their agents’ desks at a moment’s notice. The added bonus here is that agents are aware of the surveillance, deterring any illegal or prohibited activities—the exact same premise behind CCTV cameras and floor-walkers in contact centers.
When it comes to virtual compliance monitoring, the reality is that most providers don’t have the necessary tools or processes in place, as the costs of equipment and operational resources can be huge.
In the SmartVirtualTM work-at-home environment, we’ve been working with a clean desk policy and an inspection mechanism since day one, allowing us to focus on great CX rather than the “hows” of virtual security and compliance. By definition, SmartVirtualTM is built upon a strong security and compliance foundation, allowing us to control and monitor much more than is possible in a physical contact center.
Masking Sensitive Information
There are two best practices for ensuring sensitive information is protected. The first is masking it at the CRM level with no exceptions, which means hiding it from brand employees and outsourced employees the same.
If for whatever reason that isn’t possible, it’s very easy to implement the use of DTMF (dual-tone multi-frequency) distortion, which involves the customer entering credit card details over the phone, either through natural language processing or dial tone inputs.
There are plenty of examples of brands with high risks businesses already using these technologies to boost security, particularly AMEX, which refuses to take sensitive information over the phone and masks this information throughout the entire company.
If your brand has not been able to implement masking tools, check if your CX and BPO providers are offering them as part of their service agreement. If not, it’s time to look elsewhere.
Dispelling the Myths of Virtual Vs. In-Center
To wrap this up, a robust level of security and compliance is equally as possible for work-at-home as it is in a physical contact center setting. In fact, the risk of fraud has nothing to do with work-at-home, as data shows a higher percentage of crime occurring in traditional brick and mortar.
There’s a false sense of concern surrounding risks associated with work-at-home, as the notion suggests that people are more likely to commit a crime if we can’t see them. With the tools and services available today from experienced, dedicated work-at-home providers, the old way of doing business is changing.
If your BPO or CX provider is rushing to go virtual, then it’s frankly not ready to offer the necessary level of security and compliance to its clients. The solution is to eliminate the risk by engaging with a provider that already operates in a safe, secure virtual environment with a trusted, experienced workforce, because, for pure-play virtual CX providers this is business as usual, not just an emergency addition to a last-minute strategy.