How Customer Engagement Centers Can Boost Security and Compliance
Customer engagement centers — customer service hubs that have evolved from call centers into sets of technologies and services that aim to provide customer service and support on any channel at any time — are a key aspect of how businesses reach and retain customers.
As customers themselves become more tech-savvy, so must these centers. In fact, according to a recent report from Oracle and Gartner, “by 2021, businesses that redesigned their websites to support visual and voice search will increase digital commerce revenue by 30 percent.”
But this integration of new technology, which is expanding to include artificial intelligence and chatbots, must also be balanced with the fact that many customers still want to speak with real people.
And as these centers evolve to include more tools than ever, regulations must be upheld along the way.
This isn’t unique. Practically every industry has to grapple with data privacy regulations — such as HIPAA, the Payment Card Industry Data Security Standard, the EU’s General Data Protection Regulation and the Sarbanes–Oxley Act — and these requirements extend to the customer engagement center, where agents routinely handle protected information and calls are often recorded for quality assurance and training purposes.
DOWNLOAD: Learn more in CDW's white paper "The Evolution of the Customer Engagement Center."
4 Features to Improve Customer Engagement Center Compliance
These features can help organizations improve security and ensure compliance in the customer engagement center:
1. Start-and-stop recording:
In some customer engagement centers, agents manually pause call recordings when customers read off sensitive information such as credit card numbers. While this can reduce the amount of regulated data that is stored, the process is prone to error. Automated pauses in recording and interactive voice response systems, where customers enter information with their telephone keypads, are also options.
2. Data encryption, storage and deletion:
Sensitive data should be encrypted in transit and at rest, and should be destroyed when an account is deactivated.
Only users with maximum security clearance, or those in specific roles defined by the organization, should have visibility into customer data and recordings.
4. Intrusion prevention systems:
An IPS can protect sensitive data by monitoring networks for security threats and policy violations and reporting suspicious activity.