The New Not-So Normal: Contact Centers for Insurance Companies are Hot Spots for Internal Breaches

24

November 2020

By: Ali Gomulu

The year of COVID-19 has been a nightmare on so many levels, with over a million dead globally, and nearly a quarter of those in the USA.

The rapid spread of the virus, and recent surge as we hit the cold weather months, mean that working from home is a trend that is never going away, and in fact having home-based agents dealing with the most sensitive personal information means compromised networks (home WiFi), and lack of in-person supervision.

Software to the rescue, especially for insurance companies – whether unemployment insurance (where massive frauds are costing state governments in the US millions of dollars each day) or property and casualty insurance based on upheavals in the real estate market, and a temptation to file for claims given economic circumstances.

The challenges for insurance businesses and government agencies are due in large part to still silo-ed business structures, which can make it difficult for insurers to recognize and coordinate fraud responses.

Adversaries and criminals know this and take advantage by attacking from every direction.

In March, the abrupt shift to remote living caused chaos for businesses and consumers alike, with many turning to computers and other devices for work, school, socializing and shopping.

Throughout this chaos, many businesses failed to put in place the proper security measures, including the control of privileged access management, leaving them vulnerable to insider threats.

Insurance Contact Center agents and managers have truly been “front line workers” this year, as they were confronted with record call volumes, spiking as high as 1000% from normal levels as the virus peaked during its first cycle.

With insurance call centers typically working quickly to keep customers happy and pay out insurance claims, call volumes of this magnitude would create disarray at any time. But the COVID-19 pandemic environment has sadly been a windfall for opportunistic adversaries.

According to a research report by Pindrop, “Fighting fraud in the call center can be particularly challenging for property and casualty insurance providers, which typically have separate call centers for sales, servicing, claims and specific types on insurance. As a result, it can be difficult for insurers to recognize and coordinate fraud response efforts. Fraudsters know this and take advantage by attacking from every direction.”

According to the research, around 1 in every 5,600 calls into a P&C contact center is fraudulent. This is a lot when you consider that the average call center takes in around 60 million customer calls per year. Pindrop estimates that about 90 voice channel attacks occur every single minute, but this has risen substantially during COVID-19.

“Dec Diving” or policy declaration diving, is one form of attack, very attractive to internal actors as these files contain personal information about the policyholder, including name, addresses, and any mortgages they might have, and can be used by bad actors for “account takeover.”

We can outsmart the criminals through stronger security postures, agent training, manager intervention and more – but the core is really the privileged access layer.

With PAM from Ironsphere, Contact Centers can capture real time information about which employees are accessing which systems, datasets and more – and where they are geographically located – time of day – and other contextual information.

Privileged Access Management (PAM) is a cyber security domain within Identity and Access Management (IAM) that focuses on monitoring and controlling privileged users and privileged accounts within an organization.

In an organization, privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, such as customer records, employees’ payroll and financial records. Sample privileged users are:

  • System, database and application administrators who have continuous and unrestricted access to a broad range of assets
  • Help desk agents who have restricted access to a broad range of assets
  • Business Application (e.g. ERM, Salesforce) users or users of an organization’s social media (e.g. LinkedIn, twitter) accounts
  • Nonemployees such as vendor support, consultants, contractors

Privileged users access an organization’s critical systems, resources and assets using elevated or unrestricted accounts, i.e. privileged accounts. These accounts include local and domain administrative accounts, service accounts, emergency accounts, application accounts, and are referred to as “the keys to the kingdom.”

They are primary targets of both external and internal malicious users and have been used in successful attacks to gain access to an organization’s critical systems and resources, resulting in data breaches or service outages that have material business impact. So, privileged accounts are a potential source of threats to the security posture of any organization because of their elevated/unrestricted access to critical systems and sensitive information.

Please contact us for more about PAM for Contact Centers – an ideal investment for the new year ahead.

Similar Blogs

Decentralized PAM Advantages and Challenges: Keeping Organizations Secure from Edge to Cloud

The debate on centralized vs. decentralized IT has been going on for decades, and there are solid arguments for both choices. The rise of the cloud changed everything, and today “shadow IT” continues to challenge CIOs and CISOs who are charged with protecting the assets of their organizations while also not restricting the number of productivity tools available which employees and contractors continue to find and use rather than using “official” applications.

read more

Password Management in a New Era of Remote Working

2020 was a year of tremendous chaos and stress on many levels and stretched the limits of IT teams who were responsible for securing corporate assets, as entire companies sent employees home to work, including those same IT teams. A new generation of IT heroes was born, and CIOs, CISOs, and IT analysts and managers stepped up to address uncommon challenges, even as cyberattacks grew to all-time highs.

read more