Trusted BPO Takes Corporate Level Information Security Abroad


When considering the logistics of business processing outsourcing (BPO) most executives instantly tremble at the thought of allowing a distant third party to take control of their information security.


However, opting for a nearshore location doesn’t mean you’re choosing a company who plans to work outside of your country’s high legal standards. What it does mean is that the center chooses to adopt standards in line with your own country in an effort to show that security is not something that slides with geographic distance.


In many instances, a call center’s policies will meet, and may exceed, the high standards that are found within the corporate office.


Related Article: Fundamentals of a Call Center Partnership


7 Types of Call Center Security Measures


When deciding on the call center to meet your needs, you’ll want to ensure that the following best practices are in place. Each of them plays a special role in protecting against security breaches while ensuring customer information remains confidential.


Agent Screening and Monitoring Process

Call center agents are subject to similar employment screening processes as those individuals seeking employment in your own country. That includes conducting a background check and following up with prior work references. Additionally, to ensure agents are of the highest integrity post employment, call centers monitor all calls and conduct individual evaluations on a regular basis.


Virtual Private Network (VPN)

The safest option for securing information is to utilize a VPN which means the call center connects back to your company’s local server and thus the center acts as a remote location. With this option, which is not always available in all call centers, your company knows that the center is maintaining the highest security levels possible because it’s the same system that your corporate office uses.


Payment Card Industry (PCI) Compliance

Trusted call centers employ best practices when accepting payment over the phone including following PCI compliance guidelines. That means computers and operating systems are encrypted and on a separate network from the internet with access based on management levels. They’ll also be configured to forget passwords while utilizing firewall and antivirus/anti-malware protection.


IT Monitoring

A good IT department checks the network for security violations on a regular basis, and if something is found the call center will have protocols in place for how and when to inform both your company and local law enforcement. In severe cases, the center should be prepared to proceed with legal prosecution.


Active Directory Policy

Security driven call centers rely on a network of linked computers to ensure that each agent has access to the same (yet limited) programs they need to fulfill their position. Within the linked network every agent has access to a separate shared folder but is restricted from using the WEB, USB ports, and printers. Additionally, all internal communication is done through a shared, monitored employer-based system.


Clean Desk Policy

An active directory policy is made stronger with a clean desk policy. A clean desk means an agent is unable to bring their cell phone to their workspace, and a trusted call center checks agents before they allow them onto the floor. In the event a phone is connected to the computer then the IT department receives an alarm and proceeds with an investigation.


Non-Disclosure Agreement

Upon hire, every agent is asked to sign an NDA that protects all information as property of the call center. It should also state that the call center has the right to monitor all PC screen movements including internal communication and messaging that occur both on and off duty.


Related Article: Is the Cost of Business Process Outsourcing Worth it?


Open Door Policy for Customers


Before partnering with a call center, the best decision you can make is to visit the center and see the center’s security policy in action. It’s one thing to read a website and talk to an individual on the phone, but visiting the center is the only way to truly know what you can expect.


If a call center creates roadblocks to your immediate visitation, then this is a red flag and you may need to look elsewhere. Unfortunately fraud penetrates every industry and particularly offshore industries, so having the option to easily visit, communicate directly with key decision makers, and observe security measures in action can mean the difference between growing your business and being conned.


In general, closely observe how a company represents themselves. CIO Mark Settle believes that if a company is too positive about their information security, then they’re being naive. So, don’t leave anything to chance and create a preliminary plan for how to proceed prior to leaving the center.


BPO and Security Decision Making


In the end, contracts dealing with security come down to evaluation and trust.


Does the call center operate in a manner that matches what you’d expect of your own company? Was it easy to reach the center and conduct an internal review, and did you reach the directors whom you spoke with over the phone? Can you envision your company growing with the center?


When in doubt, do a trial run. Opt for the shortest contract and closely monitor the security process. A good call center will welcome your interest in their work.


Here at ABC Marketing Services security is our number one concern. We don’t skimp on issues that matter to your company, and we also make it easy to visit and watch our center in action.


Contact us today and get started with nearshore, security-driven business process outsourcing.


Related Article: Is the Cost of Business Process Outsourcing Worth it?
Related Article: Fundamentals of a Call Center Partnership