• United States



Call Centers: Risk Assessment Reminders

May 12, 20082 mins
Data and Information SecurityPhysical Security

A few questions to help make sure your call center security plan covers the necessary bases.

Sample questions to help determine appropriate protective measures for a call center. In some cases the company may decide that a particular issue is outside its scope of responsibility--but clearly security can play a role in keeping a safe, efficient and trusted workforce in place. (For more detail, see the in-depth article Call Center Security: How to Protect Employees and Customers).

What data will call center agents need to access? Are full-fledged PCs necessary for these tasks, or are terminals sufficient? What other policies and technical controls are required to prevent removal or copying of this data?

Are sensitive physical documents (possibly including operational procedures) appropriately secured and labeled?

Does the facility have an adequate physical access control system?

Is the physical environment of the call center (parking lot or garage, incoming roads and neighborhood) safe for employees at all hours of operation? Are additional lighting, fencing, call boxes, surveillance systems or security personnel required?

Do all employees have appropriate means of safe transportation to and from work?

What other businesses operate in the area and at what hours? In what ways (positive or negative) could these businesses affect security issues?

Are employees trained in how to handle incidents (including intrusions, threats and medical emergencies)?

Does the sensitivity of call center information necessitate background checks on new or existing employees? Does the organization have the necessary policy and capability for such investigations?

Do the center’s security controls meet all applicable regulatory requirements?

Source: CSO reporting