The Business Risks Associated With Poor Call Recording Security

Organisations have become reliant on technology to transact with customers, meaning that digital security has become a major concern.

Security is a word frequently heard today in the media. Even for small, one-location businesses, it is a matter of rising importance.

Technology trends such as the increased use of personal devices at work (BYOD – Bring Your Own Device) and the rapid adoption of cloud-based application deployment, where a company’s data is no longer held on its premises, have introduced new risks that have to be managed.

With these changes comes the need for identity and access management, which is increasingly important as people move between these devices and access locations.

Many of us now have up to five devices and 300 identities across various social media and shopping portals – meaning that passwords are now a nightmare to remember and keep secure. As a result, businesses are at risk from information being shared across an indefinite number of devices and networks.

Failures in security can cause major harm to a business in terms of reputational damage, loss of competitive advantage and fines for non-compliance with regulatory laws.

Examples of high-profile data breaches – a phrase that sounds fairly benign but in reality masks a breakdown in company security practice, are now increasingly common.

Many will remember the record £400,000 fine handed down to TalkTalk for security failings that led to the theft of the personal data of almost 157,000 customers. Handing down the fine, the Information Commissioner’s Office (ICO) said the attack could have been prevented if TalkTalk had taken basic steps to protect customers’ information. All TalkTalk needed to have done was to ensure their data was encrypted.

The value of the fine was insignificant for a company of TalkTalk’s stature but their losses did not stop there.

At the time of the data loss TalkTalk shares stood at 317p, but they quickly dropped to around 240p and, following the announcement of the fine, dropped again to 154p. A complete loss of confidence in the company caused a 50% loss in its value, saw an exodus of customers to competitors and the departure of their CEO. In comparison the fine was paltry.

The forthcoming new GDPR regulations concerning data security and management adds a further dimension to these type of losses in that the fines for non-compliance are huge – up to 4% of global turnover. If that same TalkTalk data breach was to occur after May 2018 when the GDPR comes in to force, the fine alone on the company could be up to £75million.

Many companies are still literally paying lip service to their data security liabilities while others are just plainly ignoring the regulation – figuring it can’t apply or happen to them.

That could work out to be a very expensive strategy.

What Can Be Done?

Remove Recordings for a Specific Customer Phone Number

The ability to remove specific customer records is crucial to compliance. Under GDPR regulations, a data subject has the right to have their personal data rectified or forgotten. Companies like Oak Innovation make it easy to find and remove specific records.

Secure Recordings

All calls recorded on an Oak system are encrypted so they cannot be tampered with. Businesses are better protected from abuse, and in case of customer disagreements. Stereo playback ensures perfect clarity as required by legal firms.

Store Recordings for as Long as You Need

Oak systems can store a huge volume of recordings. Calls can be found using a wide range of criteria, for example, date, time, extension, CLI, DDI, telephone number, user-defined flags or even customer reference, if linked to a CRM system.

This is the third blog in Oak Innovation’s series on GDPR. This follows on from: What Is GDPR? And, GDPR – What You Should Be Preparing for…