In Brief
Call Centers: Risk Assessment Reminders
A few questions to help make sure your call center security plan covers the necessary bases.
By Malcolm Wheatley
May 12, 2008 — CSO — Sample questions to help determine appropriate protective measures for a call center. In some cases the company may decide that a particular issue is outside its scope of responsibility—but clearly security can play a role in keeping a safe, efficient and trusted workforce in place. (For more detail, see the in-depth article Call Center Security: How to Protect Employees and Customers).
What data will call center agents need to access? Are full-fledged PCs necessary for these tasks, or are terminals sufficient? What other policies and technical controls are required to prevent removal or copying of this data?
Are sensitive physical documents (possibly including operational procedures) appropriately secured and labeled?
Does the facility have an adequate physical access control system?
Is the physical environment of the call center (parking lot or garage, incoming roads and neighborhood) safe for employees at all hours of operation? Are additional lighting, fencing, call boxes, surveillance systems or security personnel required?
Do all employees have appropriate means of safe transportation to and from work?
What other businesses operate in the area and at what hours? In what ways (positive or negative) could these businesses affect security issues?
Are employees trained in how to handle incidents (including intrusions, threats and medical emergencies)?
Does the sensitivity of call center information necessitate background checks on new or existing employees? Does the organization have the necessary policy and capability for such investigations?
Do the center's security controls meet all applicable regulatory requirements?
Source: CSO reporting
Other stories by Malcolm Wheatley
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
Maximizing Site Visitor Trust Using Extended Validation SSL
Now with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.E-LOAN Maintains Reputation as a Privacy Leader with Symantec Data Loss Prevention
Learn how this implementation of a DLP solution helps ensure customer trust and loyalty.
- Practical Role Management: Real-World Approaches to a Complex Problem
- The Case for Business Software Assurance ~ Securing Your Applications
- The Latest Advancements in SSL Technology
- Maximizing Site Visitor Trust Using Extended Validation SSL
- How to Offer the Strongest SSL Encryption
- Using Likewise to Comply with PCI Data Security Standard
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
7th Annual Digital ID World
-
September 8 - 10, 2008Hilton AnaheimRegister now »
Anaheim, California
(ISC)2 members can earn up to 20 CPE Credits
Reference priority code ONLINE and save $800 off the full registration price — attend the program for $995
