Presentation is loading. Please wait.

Presentation is loading. Please wait.

Contact Center Security Strategies

Published byLeslie Cross Modified over 5 years ago

Similar presentations

Presentation on theme: "Contact Center Security Strategies"— Presentation transcript:

1

2 Contact Center Security Strategies
Grant Sainsbury Practice Director, Dimension Data

3 IP Communications Are Now The Standard
Dimension Data Global Contact Center Benchmarking Report 2008

4 Why IP voice in the contact center?
Improves workflow and business effectiveness Ability to distribute to the contact center workforce Reduces telecommunications total cost of ownership Enables channel aggregation Delivers flexible architecture Improved workflow and business effectiveness Integration with the Enterprise Ability to distribute the contact center workforce Agents working from home Reduced Telecommunications Total Cost of Ownership & Vendor Driver End of Life Converged Network Converged Client Channel aggregation Universal queue (blending routing and reporting intelligence for inbound & outbound voice, , web collaboration, etc.) Flexible architecture Hosting Disaster recovery and business continuity

5 IP Communications Security Threats
Improves workflow and business effectiveness Networks are more open. Exposed to greater array of internal threats. Ability to distribute the contact center workforce Family members use work PC for personal use Data leaves contact center & enterprise; it leaves home network Reduces telecommunications total cost of ownership (TCO) DOS attack takes down voice and desktop applications Systems based on open and well known OS, databases, and protocols Enables channel aggregation & websites are channel for viruses, trojans, malware and spyware New channels require different authentication and information protection considerations Delivers flexible architecture Expose corporate network to extranet

6 The Role of Security in the Contact Center
Regulation & standards compliance Data loss prevention Process control Security policies often require attention to process. To achieve compliance, processes often require auditable, repetitiveness. Note that process control is often as odds with a desire for efficiency.

7 Strategies to Cope with Security Threats
Know the legislature and regulations that affect your contact operation e.g. DPA, FSA, PCI, HIPPA, SOX, ISO 27001, DNC

8 PCI Data Security Standards May Apply
Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data Requirement 3: Protect stored cardholder data Requirement 4: Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program Requirement 5: Use and regularly update anti-virus software Requirement 6: Develop and maintain secure systems and applications (vulnerability assessment, patch management) Implement Strong Access Control Measures Requirement 7: Restrict access to cardholder data by business need-to-know Requirement 8: Assign a unique ID to each person with computer access Requirement 9: Restrict physical access to cardholder data Regularly Monitor and Test Networks Requirement 10: Track and monitor all access to network resources and cardholder data (logging and QM) Requirement 11: Regularly test security systems and processes Maintain an Information Security Policy Requirement 12: Maintain a policy that addresses information security Reference:

9 PCI Data Security Standards May Apply
Build and Maintain a Secure Network Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data Requirement 3: Protect stored cardholder data Requirement 4: Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program Requirement 5: Use and regularly update anti-virus software Requirement 6: Develop and maintain secure systems and applications (vulnerability assessment, patch management) Implement Strong Access Control Measures Requirement 7: Restrict access to cardholder data by business need-to-know Requirement 8: Assign a unique ID to each person with computer access Requirement 9: Restrict physical access to cardholder data Regularly Monitor and Test Networks Requirement 10: Track and monitor all access to network resources and cardholder data (logging and QM) Requirement 11: Regularly test security systems and processes Maintain an Information Security Policy Requirement 12: Maintain a policy that addresses information security Reference: Requirements 4, 6, &10 might be affected by a migration to an IP based voice framework

10 Strategies to Cope with Security Threats
Know the legislature and regulations that affect your contact operation e.g. DPA, FSA, PCI, HIPPA, SOX, ISO 27001, DNC Architect the contact center around the network Deploy firewalls, IDS, IPS, web/ filtering, anti-virus, & policy-controlled desktop Strong authentication on home agent equipment under strong corporate IT policy Disable CD/DVD/USB ports on home agent equipment Encrypt data, voice and application, going across Internet to home agents Apply auditable logging on home agent workstations and lock down data access Publish a home work security policy and require sign off Apply data access by job function which is not typically impacted by channel Train agents in use of non-voice communications. An can carry the same legal weight as a hand written letter and it is a persistent form of communication. Ensure that corporate core security practices, baselines and standards are applied to the contact center infrastructure

11 Thank you for listening. Enjoy rest of the conference.
Grant Sainsbury Practice Director, Customer Interactive Solutions (919)

12

Download ppt "Contact Center Security Strategies"

Similar presentations

Agenda What is Compliance? Risk and Compliance Management

Agenda What is Compliance? Risk and Compliance Management
JARED BIRD Nagios: Providing Value Throughout the Organization.

JARED BIRD Nagios: Providing Value Throughout the Organization.
PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.

PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.
Jeff Williams Information Security Officer CSU, Sacramento

Jeff Williams Information Security Officer CSU, Sacramento
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.

Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Payment Card Industry Data Security Standard (PCI DSS) By Roni Argetsinger 515-237-5007.

Payment Card Industry Data Security Standard (PCI DSS) By Roni Argetsinger
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
An Introduction to PCI Compliance. Data Breach Trends About PCI-SSC 12 Requirements of PCI-DSS Establishing Your Validation Level PCI Basics Benefits.

An Introduction to PCI Compliance. Data Breach Trends About PCI-SSC 12 Requirements of PCI-DSS Establishing Your Validation Level PCI Basics Benefits.
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
PCI requirements in business language What can happen with the cardholder data?

PCI requirements in business language What can happen with the cardholder data?
PCI: As complicated as it sounds? Gerry Lawrence CTO

PCI: As complicated as it sounds? Gerry Lawrence CTO
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.

Similar presentations

Ads by Google