Customer data is the lifeblood of the contact center. Your ability to deliver seamless customer experiences across multiple channels depends on it. Unfortunately, where there is data there is also security risk. The question is how do you handle that risk to reduce your company’s liability while enabling your agents to deliver the service customers expect?

There are four ways to respond to negative business risk:
• You can accept the risk without making any effort to reduce its impact.
• You can avoid the risk altogether by either eliminating it or choosing not to take the action associated with the risk.
• You can transfer the risk to a third party such as an insurance company or outsourcer.
• You can mitigate the risk by reducing its probability or impact.

Unfortunately, given the role of data in the contact center, acceptance and avoidance simply aren’t viable options. If you accept the risk of a data breach or compliance violation without any effort to reduce its impact, you won’t be in business for long. If, on the other hand, you choose to limit the types of transactions you perform or the customer data you collect, service levels will suffer and so will business.

That leaves transference and mitigation as your two options for responding to contact center risk. Neither of these options eliminates risk entirely (only avoidance can do that). However, they are intended to reduce risk to acceptable levels. The difference comes down to how much risk you’re exposed to and in what manner. Ultimately, your best route – assuming you do your due diligence – is to transfer the risk to your contact center technology provider.

 Download this white paper here.

Risk transference offers a couple of benefits. When outsourced to an experienced provider, transference allows you to reduce your risk lower than if you were to mitigate it on your own. That is, if the provider is an expert in contact center security, and applicable laws and regulations. Transference also enables you to focus on your business, rather than on reducing risk. And when new business opportunities raise questions about risk, the provider serves as a trusted advisor.

Unfortunately, transference can be tricky. Many contact center technology providers claim that their customer engagement platforms meet regulatory compliance requirements and/or industry security standards. However, when you read the fine print, you see that the responsibility for ensuring the security and privacy of the data ultimately falls back to you. If a compliance violation is found or a data breach occurs, the liability ultimately lands in your lap.

This is where due diligence comes in. When looking for a contact center technology provider, look for one that has security and regulatory compliance as a core focus. The technology itself should have data security and privacy controls built in – not added on after the fact. The provider should be able to demonstrate compliance with industry standards, such as PCI-DSS and HIPAA, and have a history of deploying secure environments in which its technology runs. Of course, all of this must be achieved with minimal impact to your agents and your customers.

In short, the provider and its technology should play an active role in helping you manage risk. If it’s not actively managing risk, then it’s increasing your risk – and it’s time to find a new provider. To learn more about understanding and managing risk in the contact center, download our white paper .