The Impact Of A Call Centre On Communicationn In A Programme

Security Strategies

Discuss about the The Impact of a Call Centre on Communicationn in a Programme.

The scenario is based on the multinational payment card company located in the suburb of Brisbane is planning to outsource with the help of telephone marketing. The telemarketing service providers having call centers in Singapore and Suva requires a large number of numbers of the customers and the details of the payment card. The call center is responsible for storing the required information about the customers and need to update headquarter about all the updated information. The payment card company wants security strategies, policies and the standards from the call center to ensure that the security provided to the confidential details about the customer to the call center is secured.

The need for strategy regarding the security of the customer details is a sensitive area for the payment card company as the reputation of the company is dependent on the way it handles the payment of customer in a secured way (Regina M. Hechanova 2013). Therefore, when the payment card company is giving the details of the payment information of a customer to the call center they required a security strategy of the details and the policies the call center company is acquiring for keeping the information secured.

The strategies like recording call and data, customer relationship management, voice over Internet protocols and customer tracking solutions are the significant strategies that the call center can follow for adhering with the payment card company. The call center should optimize the workforce providers for ensuring the solutions that are been provided have the exact security protocols as well as the operation is done in a network having high level of security (Guedes, Furtado and Pequeno 2014). The solution might differ with the different level of automated devices that are been used for protecting the sensitive data of the clients. The best strategies that could be applied by call centers to convince card payment company is by facilitating controls of automated controls of pause/resume system for the voice as well as screen recorder. The other option that could be used is Interactive Voice Response, end-to-end encryption, password management and audit trail (Martin 2015).

Capability/ Strategies Save Time On Research and Writing Hire a Pro to Write You a 100% Plagiarism-Free Paper. Get My Paper	Description	Pros	Cons
Pause/Resume (Manual)	The agents follow the manual pause/resume strategies. At the time, customers started sharing data, which is confidential and sensitive the agent can manually operate with help of a button that pause the recording and aging press the button for the second time for resuming recording.	The sensitive data is protected from recording.	The manual operation depends on the agent who is operating the system, as he might not pause the recording when the customer is sharing confidential data (Xiaosong et al. 2016). This step might affect the experience of the customer.
Pause/Resume (Automated)	API helps in integrating the recording with servicing application. At the time of accessing the sensitive field in application servicing, the recording is paused automatically and it is resumed automatically (Mao et al. 2016).	The sensitive data is prevented from recording. The risk of having human error is eliminated. The process is clear and transparent.	The resources regarding the Information Technology from the call center or the enterprise is needed at the time of implementing the solution. The customer might share the sensitive data ahead of the trigging of the automatic pause button.
Desktop Analysis	It helps in pausing as well as resuming the record automatically.	This process is an automatic process and is transparent to the customers. The changes regarding code level is not required.	The application has to be purchased and resources are required for the implementation of the Desktop Analysis (Barros,  Pickering and Gudes 2015).
Analytics of Real-time speech	This strategy is used to spot information that is sensitive in real time. Application pauses automatically as soon as it get certain commands and recording is resumed when after a definite time delay or when other word is said by the customers (Deshpande 2014).	The application minimizes the risk like recording and storing significant data of the customers.	High skilled operators are needed for implementing and managing the system.
Interactive Voice Response process of payment	It is significantly used for recording information regarding the credit or debit card of the customer (Saylor 2014). The time when customer makes payment, the operator is responsible for transferring the customer to IVR. IVR only see or hear the information of credit card.	The process of payment by credit card is fully secured.	The call handling time is increased. The customer could have a negative impact as the call is transferred to the IVR.

The implementation of cloud computing has bring a revolutionized period for the call center. The cloud computing technology has eliminated the huge capital expenditure and the investment done on the upgradation and maintenance. The call center when taking the responsibility of the payment card company needs to implement this technology (Al-Ayyoub et al. 2015). This helps in the update of the regulation, which is done by the software provider.

Strategies and its prospects and consequences

The call center should developed a strategy according to the requirement of the payment card company. The strategies include the following steps:

• Constructing and Maintaining a Secure Network- A configured firewall should be construct and maintain for preventing the data of the cardholder. The call center should not use any parameter of security supplied by the vendor.
• Protecting the data of the cardholder: The data of the cardholder should be prevented and stored in an appropriate manner. The data should be encrypted before transmission in the public network (Paulsen 2014).
• The management program should be vulnerable: Antivirus should be updated regularly and developed as well as secure systems should be maintained.
• Access control implementation: The access to data of cardholder should be restricted and should only be use for the needs of business. Each person should be assigned with a new ID for accessing the system (Ye et al. 2014). The physical access to the data of the cardholder should be restricted.
• Monitoring and testing networks regularly: Tracking and monitoring the access to the resources of the network and the data of the cardholder should be implemented (Ferdoush and Li 2014). The processes and the system of the security should be tested regularly.

The call centers should convince the payment card company about implementation of the suitable retention policies. The policies are stated below:

• The policy should ensure that data of the payment card is stored when it is necessary. The disposal procedure should be implemented in the policy.
• The time limit should be restricted on keeping the information of card in Quality assurance, recording server as well as in the database of customer relationship management. The corporate governance and the department of Quality Assurance needs to work on the requirements of call center for adhering the payment card company compliance (Filnov et al. 2015).
• The card validation code like CAV2, CID, CVC2 and CVV2 should not be stored in the format of digital audio or in the format of video (Boutcher et al. 2014). If the Quality assurance or the recording solution fails in blocking the audio and video from storing then the code should be deleted from the stored recording.
• The full access to PAN should be provided based on the need to k now requirement.
• The call center operation should be segmented for minimizing the number of operators having access to the data of the payment card (Long, Shelhamer and Darrell 2015). Considering an example of this policy is the information could be entered by the sales operator but the executive of the customer service must only have the access to for masking PAN.

• The call center should be adhering the policy of implementing the strong protocols of encryption. These protocols include Secure Socket Layer, Internet Protocol Security, and Secure Shell (Puzio et al. 2014) for transmitting the data of the cardholder in the public network. The transmission includes the Voice and streaming of data through Voice over IP systems of telephone (De Pessemier et al. 2015), as the data is sent over the public network. The necessity of strong cryptography is also requires for the Voice over IP system.
• If the Voice over IP systems fails to provide strong cryptography, the call center company needs to use the analog telephone system.
• The information regarding the payment card details should not be send through an unencrypted code and the end user receiving medium should not be inform of chat, email, simple messaging system (Ozkaynak et al. 2014)and other channels of non-encrypted communications.
• The best policy is to ensure that the play back of the stored recording is restricted if the recording includes the data regarding the information of the card details.

The policies should be clear about the appropriate user authentication implementation among the staff, administrators and operators. The policies include the following steps:

• The access to the Quality Assurance, recording solutions and Customer Relationship Management should be restricted to the data containing information about the details of the payment card. The implementation of policies like providing recording of the screen with interfaces of playback and the information about the payment card details is visualized only to the managers and masking the information to the other supervisors and Quality Assurance specialists (Milstein et al. 2015).
• The operations of the call center should be segmented in such a way that a minimum number of operators should have access to the information regarding the details of the card.
• The supervisors and the operators should not share passwords and the user id.

The understated policies should be implemented by the call centers in order to adhere with the payment card company. The policies are stated below:

• The operational security procedures should be developed on a daily basis. The procedures should be consisting of all the requirements of the payment card company (Peltier 2016). The procedure should also define the responsibilities assigned to all the personnel.
• The policies should be developed for using the technologies that are critical and the policies should also be well defined with the appropriate use of the technologies so that the personnel should not face any problem to understand the use of the technologies.
• The policies should be implemented in such a way that every individual and every specific team should have the responsibilities for providing the security.
• The awareness program regarding the formal security should be implemented. This helps the personnel to be conscious and aware of the importance of the payment card security (Murdoch and Anderson 2014). The personnel should be trained well so that they can acquire the knowledge regarding the procedures and policies of security.
• The reviewing of all the procedures as well as the security policies should be done annually. The reviewing requires the presence of in house and remote operators. The operator should acknowledge all the requirements of the security and implement them as a daily sign in process. This is the best practice as well as the best policies that the company could implement.
• The potential employees should be screened before hiring for the process. The mentoring of both remote agents as well as the in house agent is the best practice and policy. It reduces the risks of being attacks from the internal sources. The call center manager should have the control on the compliance of monitor policy.
• The policies should be developed that will restricted the unauthorized copying, storing and moving the data of the card holder in to the hard drives as well as electronic media at the time of accessing the data of the card holder with the help of remote technologies.

• The policy should be developed for giving attention to the specific authentication data. The storage of those data should be strictly prohibited.
• The access of the media both by physically and logically to records the call must be prohibited.
• The interactions regarding the recording must be logged in the accounts for future use.
• The back up and the storage of the recorded solutions should not follow a back door solution.
• The policy of destruction should be formulated for destroying the records that are not needed for keeping for a longer span of time.
• An innovative policy of tracking the product of call recording should be formulated. It helps in tracking all the logical and the physical access that the media have regarding the contents of the data of information. The features like encryption, authentication, logging and detailed reporting are provided by this policy.

The call center needs to provide certain standards to the payment card company for meeting the global standards. The standards are stated below:

• The call center should exercise an effective authentication control for all the operators who have the access of recording the call.
• The standards should be set such that there should be no direct connections between the internet and the system that is storing the audio.
• The standard should be set such that the system is able to maintain the secure configuration standards and the vulnerabilities should be checked on a regular basis.
• The sales operator and the supervisors should have installed the personal firewall and the operations.
• The global standard includes the installation of the latest updated version of the corporate software from the protection of the virus and other malwares that are harmful for the confidential information. The personal computers of the sales operator and the supervisors shall install this software (Deryugin et al. 2015).
• The personal computers of the supervisor and the operators should install the security patches.

The goal of setting the standard to meet the global requirements is enhancing the security of the payment account with the help of awareness, knowledge and the various standards that helps in increasing the standard of the security of card payment. The major card payment companies like American Express, JCB International, Visa Inc and Discover Financial service follows the rule like PIN Transaction Security, Payment Application Data Security Standard (Ammons 2014) could be implemented by the call centers for adhering with the payment company card.

The concept of outsourcing implemented by the payment company card is great but there are certain challenges that are been assumed that the company might face while giving the work to the call center for storing the information and updating the stored data. The call center might store in the important card details of the customer in the audio recordings of the voice. The call center could overcome these challenges and convince the payment card company by the security strategies that are stated above in the report (Bond-Barnard, Steyn and Fabris-Rotelli 2013.). The call center could also convince the payment card company by which the recording of the important information data could be restricted so that no fraud or forgery could happen.

Conclusion

The recent survey shows that the customers in UK are giving a second thought before making payments through the call center. The card payment company might face this as a big barrier. The research done by Syntec Telecom shows that 30% of the Great Britain Population does not agree to pay through the call centers. The customers and the clients steel felt that a lot of thing is need to be improved for keeping the data securely in the call center. The call center could only convince the card payment company if they earn the trust of the customers. The call centers should also try to eliminate the fraud trademark that they carries and should maintain the security policies and strategies for their development.

Adapting Cloud Computing as Strategy

The call center managers have to take initiative for regaining the trust of the clients. The regaining of trust is only possible if the call center starts applying the following steps in their company for customer satisfaction. The steps include:

Technology Usage: The use of technology for hiding the important information regarding the details of the credit and debit card should be implemented by the call centers.

Audit: The regular audit on the calls should be done for monitoring the fraud and forgery cases.

Training of Employees: The employees should be trained and the extreme measures should be formulated if any of the employees violated the rules of the company by committing fraud and forgery with the customers.

Monitoring: The monitoring of external and internal fraud should be done appropriately.

Strategy: The security strategy should be formulated by the organizations that should be technically sound.

Improvement: The manager should monitor the requirement of the operation for improving the programs of the security.

Elimination of Failings: The basic failings of the operations should be deleted like storing of important information.

Trusted partners: The trusted secure partners should be chosen for the security areas of the company.

References

Al-Ayyoub, M., Wardat, M., Jararweh, Y. and Khreishah, A.A., 2015. Optimizing expansion strategies for ultrascale cloud computing data centers. Simulation Modelling Practice and Theory, 58, pp.15-29.

Ammons, D., 2014. Municipal Benchmarks: Assessing Local Perfomance and Establishing Community Standards. Routledge.

Barros, A., Pickering, C. and Gudes, O., 2015. Desktop analysis of potential impacts of visitor use: A case study for the highest park in the Southern Hemisphere. Journal of environmental management, 150, pp.179-195.

Bond-Barnard, T.J., Steyn, H. and Fabris-Rotelli, I., 2013. The impact of a call centre on communication in a programme and its projects. International Journal of Project Management, 31(7), pp.1006-1016.

Boutcher, D.C., Harney, R.K., Munroe, S.J. and Scheel, J.J., International Business Machines Corporation, 2014. Real-time security verification for banking cards. U.S. Patent 8,632,002.

De Pessemier, T., Stevens, I., De Marez, L., Martens, L. and Joseph, W., 2015. Analysis of the quality of experience of a commercial voice-over-IP service. Multimedia Tools and Applications, 74(15), pp.5873-5895.

Deryugin, V.N., Giacomini, P., Makagon, P., Ryabchun, A. and Anisimov, N., Genesys Telecommunications Laboratories, Inc., 2015. Method and apparatus for extended management of state and interaction of a remote knowledge worker from a contact center. U.S. Patent 9,002,920.

Deshpande, M.V., Marifet, K., Matthews, J.B., Wogulis, J.L. and Chou, L.P., Google Inc., 2014. System for displaying a web page with real time analytics data overlay. U.S. Patent 8,775,611.

Security strategies as required by payment card company

Ferdoush, S. and Li, X., 2014. Wireless sensor network system design using Raspberry Pi and Arduino for environmental monitoring applications. Procedia Computer Science, 34, pp.103-110.

Filonov, V., Lum, H., Culbert, J., Blander, D., Subramaniam, S., Cicchitto, A. and Gvildys, P., Genesys Telecommunications Laboratories, Inc., 2015. Call event tagging and call recording stitching for contact center call recordings. U.S. Patent 9,178,989.

Guedes, R., Furtado, V. and Pequeno, T., 2014, September. Multiagent models for police resource allocation and dispatch. In Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint (pp. 288-291). IEEE.

Long, J., Shelhamer, E. and Darrell, T., 2015. Fully convolutional networks for semantic segmentation. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (pp. 3431-3440).

Mao, C., Yu, H., Shi, J., Cai, T. and Yang, B., 2016, January. Automated Interactive Visualization on Abstract Concepts in Computer Science. In International Conference on Computer Science Education Innovation & Technology (CSEIT). Proceedings (p. 121). Global Science and Technology Forum.

Martin, L., 2015. Noncitizen detention: Spatial strategies of migrant precarity in US immigration and border control. In Annales de géographie (No. 2, pp. 231-247). Armand Colin.

Milstein, D., Odinak, G. and Lee, H.M., Intellisist, Inc., 2015. Computer-Implemented System And Method For Protecting Sensitive Information Within A Call Center In Real Time. U.S. Patent Application 14/667,603.

Murdoch, S.J. and Anderson, R., 2014, March. Security protocols and evidence: Where many payment systems fail. In International Conference on Financial Cryptography and Data Security (pp. 21-32). Springer Berlin Heidelberg.

Ozkaynak, M., Johnson, S., Shimada, S., Petrakis, B.A., Tulu, B., Archambeault, C., Fix, G., Schwartz, E. and Woods, S., 2014. Examining the Multi-level Fit between Work and Technology in a Secure Messaging Implementation. In AMIA Annual Symposium Proceedings (Vol. 2014, p. 954). American Medical Informatics Association.

Paulsen, K.L., Cirque Corporation, 2014. Method for protecting cardholder data in a mobile device that performs secure payment transactions and which enables the mobile device to function as a secure payment terminal. U.S. Patent Application 14/150,313.

Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.

Puzio, P., Molva, R., Önen, M. and Loureiro, S., 2014. Block-level de-duplication with encrypted data. Open Journal of Cloud Computing (OJCC), 1(1), pp.10-18.

Regina M. Hechanova, M., 2013. The call center as a revolving door: a Philippine perspective. Personnel Review, 42(3), pp.349-365.

Saylor, M.J., Bouzid, A.T., Durgani, P.B., Rennyson, D.J. and Perera, P.S.N., Angel. Com Incorporated, 2014. Multimodal interactive voice response system. U.S. Patent 8,654,934.

Xiaosong, Z.H.O.U., Wu, H.J., Chung, C.Y., Normile, J.O., Abuan, J.S., Jeong, H., Yang, Y., Johar, G. and Jansen, T., Apple Inc., 2016. Dynamic detection of pause and resume for video communications. U.S. Patent 9,232,187.

Ye, N., Zhu, Y., Wang, R.C. and Lin, Q.M., 2014. An efficient authentication and access control scheme for perception layer of internet of things.