Contact Center Solutions Featured Article

April 30, 2007

Privileged Consumer Information at Risk in Organizations that Fail to Properly Protect

By Susan J. Campbell


The topics of security and privacy come up quite often in the contact center area of consumers have expressed concern over the protection of their information when dealing with the contact center, especially when that center is located in another country. While consumers will practice the principal of maintaining their passwords in order to protect their information, what about the employees within the company?
 
Infosecurity Europe conducted a survey of 300 office workers and IT professionals an found that 64 percent were prepared to give their passwords in exchange for a bar of chocolate and a smile. The survey was conducted to determine how easy it was to extract work passwords from individuals using social engineering techniques with literally the offer of a chocolate bar for participating in the survey.
 
The survey also looked at the password handling of IT professionals and while they required a bit more probing and coercion than the average office worker, even the IT professional eventually succumbed to the questions of the attractive researcher who still managed to extract their passwords in exchange for a smile and a chocolate bar.
 
When asked if they knew what the most common password was and then to share their own password, only 22 percent of IT professionals revealed their password, compared to 40 percent of commuters. If at first they refused to provide their passwords, the researchers would then ask if it was based on a child, pet, football team, etc. Using this technique, researchers were able to option passwords from 42 percent of IT professionals and 22 percent of commuters who inadvertently revealed their password.
 
What the IT professionals failed to realize, because this survey was conducted at an IT Expo, the researchers not only gained their passwords, but also had their names and organizations from their delegate badges.
 
This survey also revealed that 20 percent of organizations no longer use passwords, with 5 percent using biometric technology and tokens for identity and access management and another 15 percent using tokens. When passwords were used at work, the average number was 5 per person, with some using as many as 20.
 
Some IT professional indicated that the real issue was not user passwords, but the passwords on the servers or buried in applications which were never changed as the consequence of changing them on the overall company IT system was unknown and there was a fear that if they were changed, a critical part of the system would crash. Other IT experts even said that they often come across servers on which the administrator password was left blank.
 
Sam Jeffers, Event Manager for Infosecurity Europe 2007, said in a statement, “This survey shows that even those in responsible IT positions in large organizations are not as aware as they should be about information security. What is most surprising is that even when the IT professionals became slightly wary about revealing their passwords, they were put at their ease by a smile and a bit of smooth talk. It just goes to show that we still have a long way to go in educating people about security policies and procedures as the person trying to steal data from a company is just as likely to be an attractive young woman acting as a honey trap as a hacker using technology to find a way into a corporate network.”
 
Andy Kellett, Senior Research Analyst, Butler Group commented on the issue of Identity & Access Management (I&AM) contributed, “Today, if there is one justified criticism of the I&AM sector, it is that the complete service-delivery model is too complex for most organizations to handle from a standing start.”
 
End-to-end projects that have been put forward to deal with all I&AM control issues have often proved to be unrealistic, and indeed, for some, far too difficult to achieve. Whereas organizations that have taken a more structured and prioritized approach to the I&AM service delivery model, have and do achieve better results in the long run.”
 
Overall, many organizations that manage contact centers that handle privileged customer information have the necessary safeguards in place to protect the customer’s information – at least from the outside world. There is still inherent risk and the consumer must be proactive in protecting their information and ensuring that the companies with which they do business value the protection of their information as much as they do their business.
 
Want to learn more about contact centers? Then be sure to check out TMCnet’s White Paper Library, which provides a selection of in-depth information on relevant topics affecting the IP Communications industry. The library offers white papers, case studies and other documents which are free to registered users. The papers are authored by industry leaders, who, in turn, receive qualified sales leads from interested parties. Check here for the latest in CRM information.
 
Susan J. Campbell is a contributing editor for TMC (News - Alert) and has also written for eastbiz.com. To see more of her articles, please visit Susan J. Campbell’s columnist page.
 
 


Related Contact Center Solutions Articles

    Mitel Integrates Contact Center Solution with VMware View

    With an objective to bring desktop virtualization to the contact centers, virtualization and cloud infrastructure solutions provider VMware Inc. has integrated Mitel's Contact Center Solution for VMware View. This integration enables contact center managers to better serve customers with centralized administration and better security as well as the ability to reduce costs. [ Read More ]
    02/14/2012

    Blending: The Key to Broadening Call Center Quality without Additional Resources

    While many a corporate call center has found, in recent years, the need to tighten its belt, other call centers with shallower pockets, such as those that support non-profit groups or government agencies and civil services, have found the budget crunch to be even more dire. [ Read More ]
    02/14/2012

    Is Improperly Used CRM Dragging Your Customer Support Down?

    While companies have been adopting ever more technology to try and support their customers to the best of their abilities - the sales figures for customer support solutions and applications bear witness to this - customers have never been more dissatisfied. Weird? A bit. And it might just be a function of improperly chosen, implemented and used customer relationship management (CRM) solutions. [ Read More ]
    02/14/2012

    VXi Launches UC ProSet for Contact Center Users

    The UC ProSet wired headset designed especially for unified communication users in contact centers and offices has been launched by VXi Corporation. VXi Corporation has improved its unified communication B2B line with this new headphone, the UC ProSet, which incorporates several features for ease and fashion of contact center users. [ Read More ]
    02/14/2012

[ View all Contact Center Solutions Articles ]

Socialize with us

FREE Contact Center Solutions eNewsletter

Click here to receive your targeted Contact Center Solutions Community eNewsletter.[Subscribe Now]

Industry News

Featured Resources

Contact Center Solutions Glossary of Terms

Press Releases

About the Contact Center Solutions Community

    Welcome to the Contact Center Solutions Community The Contact Center Solutions Global Online Community, Sponsored by Interactive Intelligence, is designed to serve as the industry's premier resource for information and research on Contact Center Solutions technology and deployment strategies.