By Mandy Pattenden, Marketing Communications Director
Businesses around the world have been forced to navigate using remote workforces for a couple months now during the COVID-19 pandemic, but that doesn’t mean everyone is doing it correctly. Several common mistakes are proliferating in remote working conditions, and because businesses may never fully shift back to previous models, many of these issues may persist long after the pandemic subsides.
A remote working policy can be especially challenging for call centers, customer support representatives (CSRs), eCommerce businesses, sales professionals and anyone else who now needs to regularly interact with customers in an environment that may be less secure than their typical office-based work location.
For example, how do businesses ensure oversight and security when customer support representatives or call center employees are working remotely? How can they protect payments and personally identifiable information (PII) to comply with privacy regulations like the Payment Card Industry Data Security Standard (PCI DSS), GDPR, and CCPA? What is the elevated cybersecurity risk of having employees using their own devices and networks, or being in public settings with the potential for intrusion?
These are all warranted concerns. Fortunately, organizations can follow best practices to avoid five of the most common and costly mistakes:
- Not maintaining proper communication
- Losing sight of business objectives and not using real-time analytics for tracking
- Not providing necessary tools to maintain critical tasks
- Forgoing cybersecurity procedures
- Not educating employees on maintaining security to protect customers and reduce risks
Maintaining Communication with a Dispersed Workforce
With a dispersed workforce, organizations need to be deliberate in their frequency, technology use and overall communication approach. Generally, employees maintain job satisfaction, produce the best results and avoid burnout when they feel connected. And while some may believe that remote workers are less productive, the tendency often is actually to overwork rather than underwork.
Therefore, it is critical to maintain communication between team members to rebalance as needed and regularly check-in across channels including video conferencing, informal messaging systems, email and just picking up the phone occasionally. We also suggest that organizations follow two other best practices:
Setting clear communication protocols and systems: Ensure that everyone understands communication guidelines, including appropriate response times, when to use chat messages rather than email, and the like. The organization should also standardize on one messaging system, so employees don’t need to manage multiple systems, which can increase the risk of messages going unnoticed.
Following a clear workflow: Companies that don’t already have a built-in workflow, such as call centers, may want to test using an online project management system for work assignments and monitoring. These systems can also help people to share proactive project updates and help leaders to easily see the status of each project.
Keeping Critical Business Analytics in Sight
Despite knowing the pandemic will eventually pass, this is not the time to lose sight of tracking key performance indicators (KPIs) and using analytics to manage and improve business operations.
By incorporating real-time analytics, such as Intelligence+, organizations can obtain a reliable view of how their payment and customer support systems are operating from anywhere. Gaining robust analytics on all customer touch points or potential areas of concern – including failed payments, system resets or increased wait times – can help organizations improve customer and employee satisfaction, or to adjust operations as needed. With the insights gained from Intelligence+, organizations can also create a better remote working environment to reduce turnover and recruitment costs by maintaining proper staffing levels during the busiest times, helping to alleviate employee burnout.
Additionally, an analytics tool like Intelligence+ can help provide peace of mind when operating remotely, by helping ensure organizations stay fully compliant with the latest data security regulations and standards, including the PCI DSS, the General Data Privacy Regulation (GDPR), HITRUST, and the California Consumer Privacy Act (CCPA).
Providing Necessary Tools to Maintain Critical Tasks
Customer support agents, sales professionals and other public-facing employees need the correct tools to accept payments, protect customer privacy and maintain critical tasks while working remotely. One of the best safeguards to protect PII is to ensure it never enters the organization’s network environment in the first place.
Technology solutions like Cardprotect Relay+ and Cardprotect Voice+ enable CSRs and sales professionals to securely and easily accept payments over the phone or through any digital channel customers prefer including web chat, social media, email, SMS and QR codes. Because these cloud-based payment solutions sit outside of the organizations’ network and securely route the encrypted payment card data directly to the payment service provider (PSP) for processing, the sensitive data is never directly handled by the employees and does not touch their home network. Moreover, by keeping sensitive data out of their network environment, the business is able to maintain PCI DSS compliance and minimize security risks such as the potential for data breaches.
Strengthening Remote Cybersecurity Procedures
With a remote workforce, the need for strong cybersecurity protocols has never been more important. Since the COVID-19 pandemic began, there has been a massive increase in cyberthreats targeting remote workers and vulnerable businesses. For example, it has been reported that phishing attempts and business email compromise (BEC) attacks have soared more than 600% since the end of February.
Additionally, these attacks attempt to use COVID-19 concerns to trick users into handing over logins and financial information, or to download malware, which is a key challenge if remote employees are using personal devices.
To protect against these threats, organizations must secure the owned laptops, mobile phones and other Wi-Fi enabled devices that connect to their networks, while also protecting against potential vulnerabilities introduced by employees’ devices. Organizations can mitigate these challenges and continue to comply with regulations like PCI DSS by using encryption methods and installing a corporate VPN.
Training on Maintaining Protections and Privacy Compliance
The final best practice for protecting against threats and to ensure PII remains secure, is to educate all employees on the risks and steps needed to maintain security across workflows and devices when working at home.
Organizations should conduct a mandatory refresher training on PCI DSS security awareness for all employees, as well as to educate them on common COVID-19 cybersecurity threats to watch out for. These trainings should instruct workers on a variety of topics including: best practices for password security; how to ensure devices are patched, malware protected and using a firewall; only using encrypted communications channels, such as a VPN, to access a company network; ensuring that housemates or family members don’t have access to business systems; and more.
While operating a business remotely during these uncertain times poses numerous challenges, companies can employ these best practices to avoid the most serious mistakes and be prepared to meet customer needs well into the future.