Hacking the Contact Center

Every corporate IT department faces its share of security threats from the outside world. But contact centers face double the danger, since potential data thieves likely lurk in their own ranks as well.

After all, when you combine an employment revolving door with easy access to sensitive customer information, including social security numbers, credit card numbers and financial information, you have a potentially explosive situation. And contact centers are notorious for their low pay and high turnover rates.
Despite these risks, some experts say the contact-center industry has been slow to beef up its security standards. The push to reduce costs-per-call has reigned supreme, they argue, leaving little budget for IT enhancements.

A recent dramatic increase in identity theft might lead to major changes, however. California has become the first state to penalize companies whose sensitive customer data is compromised, and more legislation has been proposed at the state and national levels. This trend may culminate in new security standards -- and higher costs -- for both internal and contract contact centers.

California's State of Security
The genesis of new standards for call center security may have been the activities of a still-unknown hacker in early 2002. The hacker found a way into a California state data center, which ran payroll software for government employees. For several weeks, hackers had access to the confidential information of about 265,000 state employees, including members of the state legislature.
The data center did not inform state employees about the security breach. When lawmakers finally heard about the incident, they were outraged, claiming all employees should have been put on alert so they could guard against identity theft.

As a result, the legislature passed a bill mandating that Californians be notified immediately upon discovery of a security breach if that breach could have revealed any confidential, personal information . The law, which went into effect in July, affects any company, not-for-profit organization or government agency that maintains information about any California resident.
A federal version of the law now has been introduced in the U.S. Senate.

Back-Burner Security
A few regulated industries, such as financial services and medicine, already have clamped down on call center security, largely because companies in these markets face stiff penalties if they do not adequately protect customer data.

However, in the vast majority of cases, call centers place little to no emphasis on creating a secure operating environment, according to Jerry Brady, chief technology officer and chief security officer at security consulting firm Guardent.
"Most call centers aren't ready to answer questions about their security systems," Brady told CRM Buyer. "Up until the last couple of years, their main concerns were cost per item and making sure the agents answered the phone in the right language and accent.

"I could probably pick up the phone and be hired to start work in almost any call center in America tomorrow," he added. "And once I started work, I would hack into the call center's system within a week or so. I don't think it would be a difficult thing to do."


Keeping Breaches on the QT
What is more, outsourced call centers that do experience security breaches rarely, if ever, alert their clients.
"If a situation like that occurred, I don't believe that the average call center would know how to handle it," Brady said. "This is not a regulated industry that is used to disclosure. Plus, I've never seen a call center that had a security officer, a security plan or any idea of what they would do if they were attacked."

Companies that outsource their call center functions must start asking new questions when seeking out service providers, Brady added. Such questions might seek details on hiring policies, drug testing, background checks and IT infrastructure. A more secure IT infrastructure might feature passwords that change frequently, thin-client terminals that prevent agents from storing customer information, and spyware that logs agent activities.
"At the end of the day, it comes down to knowing that your supplier will treat your data similarly or the same as you would yourself," he said.

Virtual Security Guards
As a commercial finance company, CitiCapital has long focused on providing security both inside and outside its contact center's IT systems. Between federal regulations and customer demands, the company must make data privacy and integrity a top concern, William Brewer, senior business analyst at CitiCapital, told CRM Buyer.

"Our customers' information is precious," Brewer said. "And if someone hacks into our systems for whatever reason and gains access to our information, we have a lot of exposure."
In the past, the industry standard dictated that all data associated with a specific customer would be sent outside the firewall to an auto-dialer. This information might include name, address, phone number and social security number, among other details. Unfortunately, automated dialers can be hacked fairly easily, Brewer said.

Software in the Middle
To eliminate this security threat, CitiCapital has completely redesigned its call center processes and IT infrastructure to limit the amount of customer information viewed by call center agents while also keeping all crucial data behind a secure firewall. The company invested in a new middleware solution called ContactQ, which was released last month by Positive Software Systems.

ContactQ culls the phone number from each customer's record. By sending only the phone number to the dialer, crucial data is protected. ContactQ also limits data access within the call center, giving agents only the functionality and information they need to do their jobs.
"The biggest challenge in today's call center world is how you distribute data across a global enterprise," Edward Mandel, president and CEO of Positive Software Systems, told CRM Buyer. "When data flows from one call center to another, it must stay secure."

Chatting in Safe Mode
However, even as companies have created new innovations in customer contact management, new threats have cropped up. Such is the case with live chats. If hacked, they can provide a wealth of information about customers and their accounts, said Tony Pante, senior vice president of marketing and product strategy at chat software provider LivePerson.

"A chat transaction is very similar to a phone call," Pante told CRM Buyer. "The agent is in communication with a customer, and they exchange information like account number and credit card information. If someone gets access to all of a company's chat transactions, then it is just as though they had access to the entire customer database."
To prevent data hijacking, chat sessions should be encrypted, Pante said. What is more, to protect the company's record of past chats, the entire database should be encrypted.

Trouble-ticket programs also deserve special attention, with a secured and encrypted database. And rather than sending customer-sensitive information via e-mail, customers should be sent a link to the company Web site, from which they can sign in to retrieve the data they need.


By: Call Centers India

Five Patents That Changed E-Business

Considering that e-business as a concept was not part of most people's vocabularies before the 1990s, the number of technologies and processes that have been developed since then is staggering. Some, such as Amazon.com's "1-Click" checkout procedure, have revolutionized the way people buy products, while others, such as smart cards, have changed both enterprise and e-commerce transactions.

With the second decade of large-scale e-business dawning, the E-Commerce Times decided to poll several well-known industry analysts to get their thoughts on some of the patents that have altered the e-business landscape. Here are five examples worth noting.

The Foundation

Perhaps it should go without saying, but without the integrated circuit, e-business as we know it would not exist. Indeed, Yankee Group senior analyst Laura DiDio told the E-Commerce Times that "no discussion of high-technology patents -- even if one is specifically talking about e-business patents -- would be complete without mentioning two of the greatest geniuses in semiconductor technology , upon which the foundation for networking and e-business is based."
Those inventors are the late Robert Noyce, who founded Fairchild Semiconductor in 1958 and later cofounded Intel, and Jack Kilby, a brilliant engineer at Texas Instruments. Like Edison and Tesla before them, they were working on the same invention at the same time, with Kilby using germanium and Noyce using silicon for the semiconductor material.

"In designing a complex electronic machine like a computer, it was always necessary to increase the number of components involved in order to make technical advances," DiDio explained. "The monolithic (formed from a single crystal) integrated circuit placed the previously separated transistors, resistors, capacitors and all the connecting wiring onto a single crystal (or 'chip') made of semiconductor material.
"In 1959, both parties applied for patents," DiDio added. "Jack Kilby and Texas Instruments received U.S. patent #3,138,743 for miniaturized electronic circuits, while Robert Noyce and the Fairchild Semiconductor Corporation received U.S. patent #2,981,877 for a silicon-based integrated circuit. The two companies wisely decided to cross-license their technologies after several years of legal battles, creating a global market now worth about $1 trillion a year."

After the first commercial integrated circuits became available in 1961, all computers began to be built using chips instead of individual transistors and their accompanying parts, DiDio said.
"The original IC had only one transistor, three resistors and one capacitor and was the size of an adult's pinkie finger," she noted. "Today, an IC smaller than a penny can hold 125 million transistors. Almost all modern products use chip technology."

Of RSA and DRM

Both Gartner research director John Pescatore and Forrester Research analyst Jan Sundgren told the E-Commerce Times that the recently expired RSA patent also played a key role in e-business by providing secure encryption standards for transmitting information sent online. (RSA stands for Rivest, Shamir and Adelman, the inventors of the technology.)

As defined by Webopedia, the RSA algorithm "is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of processing power and time."
In fact, Webopedia states, the algorithm is so powerful that the U.S. government restricted its export to other countries.

For his part, industry analyst Rob Enderle told the E-Commerce Times that InterTrust Technologies' (now co-owned by Sony and Philips) digital rights management (DRM) patents are some of the most important in e-business.
After all, Enderle noted, DRM remains a critical part of how intellectual property is sold over the Web. The technology goes to the core of how organizations like the Recording Industry Association of America will provide content legally to buyers of digital music, movies and other media. With the online music industry gaining mainstream acceptance as more and more companies enter the marketplace, DRM is poised to take center stage as a competitive differentiator among online music rivals.

Pushing E-Mail

On the mobile front, Yankee Group analyst John Jackson told the E-Commerce Times that Research In Motion's patents on "push" wireless e-mail have led to a seminal e-business implementation that will become increasingly influential as it becomes more widely adopted.

"You can get e-mail anywhere, theoretically, [without having] to ask," he said. "It's 'pushed' to you.... As soon as it hits your desktop, it hits your BlackBerry."
He noted that RIM's architecture is both a blessing and a curse for information workers. After all, while it enables employees to be "super-productive, excuses for being out-of-reach [are] now fewer and farther between."

RIM's push wireless e-mail already has spawned imitation and competition from other vendors. However, many large-scale vendors, such as Microsoft, Nokia and Palm, are simply licensing RIM's patented technology for their own devices. According to Jackson, RIM just does it better than anyone else.

Business-Method Patents

Business-method patents, such as Amazon's 1-Click technology, may be one of the most lucrative -- and hotly contested -- groups of e-business-related patents to have emerged in the last several years. According to legal Web site NOLO.com, a business-method patent is some combination of software and business methodology that can be categorized as a specific process. Once secured, these patents, like other types of patents, remain under the creator's control for nearly two decades. That means Amazon receives a fee every time another e-commerce vendor licenses its checkout process.


By: Call Centers India

** FIVE PATENTS THAT CHANGED E-BUSINESS.

Considering that e-business as a concept was not part of most people's vocabularies before the 1990s, the number of technologies and processes that have been developed since then is staggering. With the second decade of large-scale e-business dawning, the E-Commerce Times decided to poll several well-known industry analysts to get their thoughts on some of the patents that have altered the e-business landscape.

Here are five examples worth noting.

The Foundation

Reader Tools

E-Mail Article

Print Article

Talkback

Related Stories

Perhaps it should go without saying, but without the integrated circuit, e-business as we know it would not exist. Indeed, Yankee Group senior analyst Laura DiDio told the E-Commerce Times that "no discussion of high-technology patents -- even if one is specifically talking about e-business patents -- would be complete without mentioning two of the greatest geniuses in semiconductor technology , upon which the foundation for networking and e-business is based."
Those inventors are the late Robert Noyce, who founded Fairchild Semiconductor in 1958 and later cofounded Intel, and Jack Kilby, a brilliant engineer at Texas Instruments. Like Edison and Tesla before them, they were working on the same invention at the same time, with Kilby using germanium and Noyce using silicon for the semiconductor material.

"In designing a complex electronic machine like a computer, it was always necessary to increase the number of components involved in order to make technical advances," DiDio explained. "The monolithic (formed from a single crystal) integrated circuit placed the previously separated transistors, resistors, capacitors and all the connecting wiring onto a single crystal (or 'chip') made of semiconductor material.
"In 1959, both parties applied for patents," DiDio added. "Jack Kilby and Texas Instruments received U.S. patent #3,138,743 for miniaturized electronic circuits, while Robert Noyce and the Fairchild Semiconductor Corporation received U.S. patent #2,981,877 for a silicon-based integrated circuit. The two companies wisely decided to cross-license their technologies after several years of legal battles, creating a global market now worth about $1 trillion a year."

After the first commercial integrated circuits became available in 1961, all computers began to be built using chips instead of individual transistors and their accompanying parts, DiDio said.
"The original IC had only one transistor, three resistors and one capacitor and was the size of an adult's pinkie finger," she noted. "Today, an IC smaller than a penny can hold 125 million transistors. Almost all modern products use chip technology."

Of RSA and DRM
Both Gartner research director John Pescatore and Forrester Research analyst Jan Sundgren told the E-Commerce Times that the recently expired RSA patent also played a key role in e-business by providing secure encryption standards for transmitting information sent online. (RSA stands for Rivest, Shamir and Adelman, the inventors of the technology.)

As defined by Webopedia, the RSA algorithm "is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of processing power and time."
In fact, Webopedia states, the algorithm is so powerful that the U.S. government restricted its export to other countries.

For his part, industry analyst Rob Enderle told the E-Commerce Times that InterTrust Technologies' (now co-owned by Sony and Philips) digital rights management (DRM) patents are some of the most important in e-business.
After all, Enderle noted, DRM remains a critical part of how intellectual property is sold over the Web. The technology goes to the core of how organizations like the Recording Industry Association of America will provide content legally to buyers of digital music, movies and other media. With the online music industry gaining mainstream acceptance as more and more companies enter the marketplace, DRM is poised to take center stage as a competitive differentiator among online music rivals.

Pushing E-Mail
On the mobile front, Yankee Group analyst John Jackson told the E-Commerce Times that Research In Motion's patents on "push" wireless e-mail have led to a seminal e-business implementation that will become increasingly influential as it becomes more widely adopted.

"You can get e-mail anywhere, theoretically, [without having] to ask," he said. "It's 'pushed' to you.... As soon as it hits your desktop, it hits your BlackBerry."
He noted that RIM's architecture is both a blessing and a curse for information workers. After all, while it enables employees to be "super-productive, excuses for being out-of-reach [are] now fewer and farther between."

RIM's push wireless e-mail already has spawned imitation and competition from other vendors. However, many large-scale vendors, such as Microsoft, Nokia and Palm, are simply licensing RIM's patented technology for their own devices. According to Jackson, RIM just does it better than anyone else.
Business-Method Patents

Business-method patents, such as Amazon's 1-Click technology, may be one of the most lucrative -- and hotly contested -- groups of e-business-related patents to have emerged in the last several years. According to legal Web site NOLO.com, a business-method patent is some combination of software and business methodology that can be categorized as a specific process. Once secured, these patents, like other types of patents, remain under the creator's control for nearly two decades. That means Amazon receives a fee every time another e-commerce vendor licenses its checkout process.

WHY CALL CENTER IN INDIA

RESOURCE BASE
India offers a large pool of highly skilled and educated workforce, proficient in the English language and IT literate. The constantly increasing number of college graduates and the hugely successful private training industry will ensure that these resources continue to grow every year.


GEOGRAPHY
A 12 hour time difference with North America enables overnight delivery of services. This unique advantage helps American organizations achieve true 24*7 internal operations and customer service. The "time zone" advantage provided by India can also become a strategic enabler for many West Europe and Asia Pacific based organizations.


FAVORABLE POLICY
The Government of India has committed its support to this activity by establishing a task force for developing a world class knowledge based outsourcing industry (IT Enabled Services), allowing duty free imports of capital goods and providing tax exemption on export of IT enabled services. Software Technology Parks (STPs) with state-of-the-art IT infrastructure and telecom facilities providing a "single window clearance" for all regulatory compliances have helped India emerge as a prominent outsourcing hub.


INFRASTRUCTURE
With privatization and drastic reduction in the tariff of basic telecom, paging, cellular and internet services, India enjoys an infrastructural advantage like never before. And it's getting better with every day.


COST
The relatively low cost of manpower makes India a very attractive base for sourcing cross-border IT-enabled services. India has been the largest provider of software engineers to silicon valley, West Europe and the Asian Pacific IT industry and will now be the most cost effective location for off-shore Business Process and Customer Contact services outsourcing.


PROVEN CAPABILITY
Large global corporations have already begun to outsource from India. Organizations such as General Electric, American Express, British Airways and Microsoft have demonstrated the advantages of outsourcing from Indian facilities.

Contact us for details : sandy@callcentersindia.com

• 
• 
• 
• 
•