October is National Cyber Security Awareness Month (NCSAM) and the epic Equifax breach serves as just one reminder of the frequent and rising cyber risks and hacking incidents. For customer service organizations, managing the exponential growth of customer data across multiple customer communication channels and platforms is not easy.
Currently, 47 out of 50 states (and the District of Columbia) have enacted cybersecurity compliance requirements for organizations to notify states about security breaches that compromise customer data. Furthermore, the complexities of telecom combined with the accelerating pace of technology innovation present significant challenges for most customer service organizations to develop their own home-grown solutions to address the needs of today’s omnichannel customer and to ensure that they have the proper cyber risk safeguards.
As a customer service department, there are a number of things to consider when determining your approach to implementing text messaging to your channel mix. The laws for web chat are non-existent, while email and phone calls have been established channels for years, with tons of safeguards added to 100 percent of email providers. Texting, however, has the strictest laws, and most texting providers have zero safeguards to ensure they follow the law.
Additionally, most businesses are shocked to find out that the technology behind text messaging is plain text. Plain text–the same format specifically targeted by hackers because it’s easily findable and searchable. Plain text–the same format that got companies like Yahoo into International trouble for storing information in “plain text.”
Having a strict cybersecurity policy is critical for customer service departments to prevent any leaks of plain text. The most secure platform providers have invested in bank-level encryption and have implemented Single Sign On (SSO) and include features to remove credit card and other personal data to protect their customers. From our observation, the majority of providers allow the flow of plain text to and from agents and back-end services, creating critically weak-points where plain text information can be targeted and utilized by hackers.
When considering a texting solution for your team, take note that the majority classify themselves as the “pipes” and their contracts hold themselves harmless in the event of an incident. To keep your customer information safe, you should be asking your providers how often they conduct an InfoSec review and whether it meets bank-level requirements (from a bank).
Building your own solution requires not only 24/7 support, but the hiring and maintenance of specialized telecom network engineers, not just software engineers. Furthermore, you need to consider becoming PCI compliant, BAA compliant and having the right Internet Insurance.
With large scale cyber attacks on the rise, customer service departments will need to step up their vigilance to work with providers that deliver the highest-grade security for messaging.
Through a proprietary mix of technologies, we at Teckst have built our systems to offer the highest-grade security for text messaging, passing multiple bank-level security audits. Choosing a service provider that adheres to the highest compliance standards will enable you to focus on your core business, while removing the complexity for delivering the best customer experience with security in mind.