For a business considering migrating call center operations to the cloud, two primary concerns are security and availability.

But according to Tony Bradley, PC World contributor and principal analyst with the Bradley Strategy Group, the debate over cloud availability is “silly” while concerns about security and privacy are valid.

Others agree. Earlier this year the Cloud Security Alliance (CSA) identified the top threats to cloud computing, and topping the list of the Notorious Nine was data breaches. Regarding this, Ted Samson of InfoWorld explained, “If a multitenant cloud service database isn’t designed properly, a single flaw in one client’s application could allow an attacker to get at not just that client’s data, but every other clients’ data as well.”

Data security and privacy controls are critical issues for a call center, particularly those that handle private health information or credit card purchases. And for cloud call center providers, compliance is an important part of their service offering.

Christopher Carrington’s dated but still relevant article on the impact of PCI compliance on the call center provides an excellent introduction for businesses to understand the entire process at a basic level.

Mr. Carrington also offers this sage advice, “When selecting an outsourcing call center partner, companies must understand the level of certification, and thereby the level of protection, the call center provides them. It is also important to remember that certification is an ongoing process. Companies that claim PCI compliance at one point in time need to provide proof of established processes that will maintain compliance over the years.”

Your call center technology provider must be able to help achieve the data security, privacy and, yes, availability to remain competitive. With Chris’ input in mind, I hope you’ll check out our most recent white paper on this same subject “Call Center Compliance in the Cloud”. This document should help you better understand your call center technology provider’s software development and build practices, ongoing risk assessments and approach to data segmentation.