As Contact Center Data Grows, So Grows the Risk of Data Breaches: PAM Now A Priority for 2021


November 2020

By: Mohie Ahmed

In an increasingly virtual, distributed, and remote working world, more people are relying on contact centers than ever before.

The contact center industry has been scrambling to keep up with new demands – including the requirement to shift from physical centers to remote workers – and this changes their need for new security solutions dramatically.

The dramatic and ongoing shift to work-from-home itself has flooded Contact Centers with more calls while also driving those “Centers” to remote decentralized architectures, with agents working from home. The technology and infrastructure to support this have been around for a while, but what we are experiencing now is a sea change in Call Center dynamics bringing huge challenges and likely irreversible change.

There is a continuing surge in online activities: working, learning, buying, government services, including unemployment insurance as millions lose their jobs, healthcare through telemedicine, and more.

When everything goes smoothly, things work; but when things go wrong, people want to reach people and do so without having to wait hours or even days for a conversation. This is causing contact centers to relax some guidelines and is expanding the attack surface as more employees are able to access systems, given that contact centers often protect access based on physical perimeters.

In these unprecedented times, the load is exploding — in both the public and the private sector. Coping with the massive unanticipated surges in demand is creating a perfect storm of challenges: supporting critical services over a public broadband infrastructure, connecting agents, applications, and consumers using new platforms that are not always compliant with regulations (PII, PCI, HIPAA, and more).

A natural solution for IT teams is putting in place Privileged Access Management software to ensure only those who should access applications and databases, services, and networks, can access them. This is a straightforward way to unify new models and regain control over privacy and compliance, ensuring that customer information is treated in a manner compliant with regulations, securing customer privacy, and protecting the security of systems and data from bad actors – who are moving in as they see more tears in security fabrics.

Contact center operators – whether enterprises running their own contact centers – or the large Business Process Outsourcing  (BPO), companies who run contact centers for businesses – are increasingly deploying PAM, especially those who use third-party contractors for IT and who have connectors into third-party applications and clouds. Ensuring TRUST is mission-critical for enterprises, service providers, government agencies, and PAM is the route to that – the most straightforward, efficient, and effective approach, when the PAM solutions they choose are cloud-friendly, and comprehensive – simple to implement and practical to scale.

In an organization, privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, such as customer records, employees’ payroll, and financial records. Sample privileged users are:

  • System, database, and application administrators who have continuous and unrestricted access to a broad range of assets
  • Help desk agents who have restricted access to a broad range of assets
  • Business Application (e.g., ERM, Salesforce) users or users of an organization’s social media (e.g., LinkedIn, Twitter) accounts
  • Nonemployees, such as vendor support, consultants, contractors

Why is PAM critical for contact centers?

Privileged users access an organization’s critical systems, resources, and assets using elevated or unrestricted accounts, i.e., privileged accounts. These accounts include local and domain administrative accounts, service accounts, emergency accounts, application accounts and are referred to as “the keys to the kingdom.”

They are primary targets of both external and internal malicious users and have been used in successful attacks to gain access to an organization’s critical systems and resources, resulting in data breaches or service outages that have material business impact. So, privileged accounts are a potential source of threats to the security posture of any organization because of their elevated/unrestricted access to critical systems and sensitive information.

To learn more or schedule a demo, please contact us.

Similar Blogs

As Attacks on Infrastructure Continue to Intensify, Cyber Security Leaders Call for Further Investment

As Attacks on Infrastructure Continue to Intensify, Cyber Security Leaders Call for Further Investment

This past week Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500-mile path from Texas to New Jersey, was forced to take itself offline after being attacked by a criminal cyber gang. The Colonial Pipeline, which carries 2.5 million barrels a day, nearly 50% of the East Coast supply of diesel, gasoline, and jet fuel, is still working to restore service and gain access to its systems after the malicious cyberattack while its four mainlines remain offline.

read more
Buy it Wholesale, Sell it Retail: How MSPs and MSSPs can Benefit from Multitenancy Cyber Security Solutions

Buy it Wholesale, Sell it Retail: How MSPs and MSSPs can Benefit from Multitenancy Cyber Security Solutions

Managed Service Providers (MSPs) and Managed Security Service Provider (MSSPs) have a stressful job. They must provide cybersecurity solutions to their clients, protecting them from a broad and growing range of threats, and ensure their customers’ networks, equipment, data, systems, people, and reputations are insulated from malicious forces.

read more