As Contact Center Data Grows, So Grows the Risk of Data Breaches: PAM Now A Priority for 2021
By: Mohie Ahmed
In an increasingly virtual, distributed, and remote working world, more people are relying on contact centers than ever before.
The contact center industry has been scrambling to keep up with new demands – including the requirement to shift from physical centers to remote workers – and this changes their need for new security solutions dramatically.
The dramatic and ongoing shift to work-from-home itself has flooded Contact Centers with more calls while also driving those “Centers” to remote decentralized architectures, with agents working from home. The technology and infrastructure to support this have been around for a while, but what we are experiencing now is a sea change in Call Center dynamics bringing huge challenges and likely irreversible change.
There is a continuing surge in online activities: working, learning, buying, government services, including unemployment insurance as millions lose their jobs, healthcare through telemedicine, and more.
When everything goes smoothly, things work; but when things go wrong, people want to reach people and do so without having to wait hours or even days for a conversation. This is causing contact centers to relax some guidelines and is expanding the attack surface as more employees are able to access systems, given that contact centers often protect access based on physical perimeters.
In these unprecedented times, the load is exploding — in both the public and the private sector. Coping with the massive unanticipated surges in demand is creating a perfect storm of challenges: supporting critical services over a public broadband infrastructure, connecting agents, applications, and consumers using new platforms that are not always compliant with regulations (PII, PCI, HIPAA, and more).
A natural solution for IT teams is putting in place Privileged Access Management software to ensure only those who should access applications and databases, services, and networks, can access them. This is a straightforward way to unify new models and regain control over privacy and compliance, ensuring that customer information is treated in a manner compliant with regulations, securing customer privacy, and protecting the security of systems and data from bad actors – who are moving in as they see more tears in security fabrics.
Contact center operators – whether enterprises running their own contact centers – or the large Business Process Outsourcing (BPO), companies who run contact centers for businesses – are increasingly deploying PAM, especially those who use third-party contractors for IT and who have connectors into third-party applications and clouds. Ensuring TRUST is mission-critical for enterprises, service providers, government agencies, and PAM is the route to that – the most straightforward, efficient, and effective approach, when the PAM solutions they choose are cloud-friendly, and comprehensive – simple to implement and practical to scale.
In an organization, privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, such as customer records, employees’ payroll, and financial records. Sample privileged users are:
- System, database, and application administrators who have continuous and unrestricted access to a broad range of assets
- Help desk agents who have restricted access to a broad range of assets
- Business Application (e.g., ERM, Salesforce) users or users of an organization’s social media (e.g., LinkedIn, Twitter) accounts
- Nonemployees, such as vendor support, consultants, contractors
Why is PAM critical for contact centers?
Privileged users access an organization’s critical systems, resources, and assets using elevated or unrestricted accounts, i.e., privileged accounts. These accounts include local and domain administrative accounts, service accounts, emergency accounts, application accounts and are referred to as “the keys to the kingdom.”
They are primary targets of both external and internal malicious users and have been used in successful attacks to gain access to an organization’s critical systems and resources, resulting in data breaches or service outages that have material business impact. So, privileged accounts are a potential source of threats to the security posture of any organization because of their elevated/unrestricted access to critical systems and sensitive information.
To learn more or schedule a demo, please contact us.
Verizon’s Show-Stopping DBIR 2021 Is A Must Read for Every Cyber Security Professional: Stunning Data Amidst a Surge of Attacks in 2020
Verizon recently released its annual Data Breach Investigations Report (DBIR), which provides valuable insight and analysis into the cybersecurity challenges faced by organizations. The report this year analyzed 29,207 security incidents, with data coming from 83 contributors and victims spanning 88 countries, 12 industries, and three world regions, which found a confirmed 5,258 breaches, a 33 percent increase in volume from last year’s report.
Verizon’s Annual Data Breach Investigations Report Confirms Record Number of Attacks During the Global Pandemic
The Ironsphere team looks forward to the annual publishing of Verizon’s DBIR report, and this year is no exception. In fact, our team found many of the revelations stunning, but not surprising, as we all witnessed twelve months of chaos which contributed to more breaches than ever before.
Software multitenancy is a software architecture in which a single instance of software runs on a server and serves multiple tenants. Sometimes referred to as “partitioning,” multitenant systems are highly efficient for managed service providers, often leading to lower costs for end customers and higher profits for service providers, compared to dedicated or isolated approaches.