PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • COVID-19
  • News
  • Events
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • COVID-19
  • News
  • Events
No Result
View All Result
PaymentsJournal
No Result
View All Result

Securing Your Remote Workforce. How to Protect Payments, Sensitive Customer Data and Keep Your Businesses Running

Gary Barnett by Gary Barnett
May 14, 2020
in Fraud Risk and Analytics, Industry Opinions, Processing
0
Securing Your Remote Workforce. How to Protect Payments, Sensitive Customer Data and Keep Your Businesses Running
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

As businesses around the globe and in all industry sectors face a new reality of managing remote workforces, their ability to secure payment systems, technology access, and sensitive customer data from anywhere and particularly the home, has never been more important.

Most organizations have had to further digitize themselves during the COVID-19 pandemic. Out of absolute necessity, consumers everywhere have turned online and to mobile channels, or dialed into call centers to make purchases, schedule medical appointments, change their travel plans, pay bills and more. These shifts have placed increased workload and responsibility on customer support teams, salespeople, IT security personnel and the businesses that employ them. They must maintain operations and provide their newly remote/home based employees with access to enterprise technologies, all while still ensuring strong security around sensitive customer data and compliance with a raft of regulatory requirements in a rapidly evolving environment.

So how can organizations ensure their employees who are processing payments and handling other types of personally identifiable information (PII) – such as credit card data and bank account numbers – maintain compliance with data security and privacy regulations like the Payment Card Data Security Standard (PCI DSS)? While this unprecedented situation has changed how businesses must operate to survive, they cannot simply just stop complying with data security and privacy regulations as their workforces move to a remote model.

Organizations need to employ modern payment technologies and strict security protocols to ensure customer PII is handled in a PCI DSS compliant manner everywhere. Upholding these standards also forms a safety net to help mitigate potential COVID-19 related fraud, cybersecurity risk and data breaches.

Enable Your Remote Workers While Protecting Payments and Sensitive Data

Despite the challenges and concerns of remote working, organizations can follow best practices to ensure they maintain compliance with regulations, securely handle consumers’ personal data and still offer a frictionless customer experience. These practices also align with the PCI Security Standards Council’s advisory on protecting payment card data when implementing a remote-work model in response to COVID-19.

  • Minimize Exposure to Sensitive Card Data

One of the most effective ways to protect payment card data and other PII is to ensure it is never handled or held by customer service representatives (CSRs), sales professionals or other employees who do not need access to it, whether they are working remotely or in their normal environments.

Modern payments solutions can enable CSRs and sales professionals to process payments over the phone or through any digital channel customers prefer – including web chat, social media, email, SMS and QR codes – while ensuring that the sensitive payment data is kept out of the organization’s (or remote employee’s) network infrastructure completely. By using technologies like dual-tone multi-frequency (DTMF) masking and encryption, today’s cloud-based payments solutions can sit outside the network and securely rout sensitive payment card data directly to the payment service provider (PSP) for processing.

Because the employee never directly handles the sensitive data and it does not touch their home network, the business is able to maintain PCI DSS compliance and minimize security risks such as data breaches or fraud. Meanwhile, customers still benefit from making fast, secure and seamless payments through the platform or channel they prefer.

  • Conduct Security Awareness Training for All Employees

As employees transition to a home-working environment, it is critical that they are educated on the data security risks and what steps they must take to maintain the security of the systems, processes and devices they are using from home. Organizations should immediately conduct a refresher course on PCI DSS security awareness for all employees. This will help them understand the proper ways to handle sensitive information while working from home, and how to recognize potential threats. Among other topics, security awareness training should instruct remote workers on:

  • Best practices for password security.
  • How to make sure their devices are up to date on patches, anti-malware protection and firewall functionality.
  • Using only secure and encrypted communications channels, such as a VPN, to access the company network — and to never use an unsecured Wi-Fi network.
  • Turning off voice-activated smart speakers like Alexa to ensure that sensitive information discussed in telephone conversations is not overheard.
  • Ensuring that housemates and family members do not have access to any business systems.
  • Harness Data Encryption Methods

Securing laptops, mobile phones and other Wi-Fi enabled devices has become more challenging than ever. Organizations must secure the company devices that connect to their networks, while also protecting against potential vulnerabilities introduced by employees’ mobile phones and other personal devices. Organizations can mitigate these threats and continue to comply with regulations like PCI DSS by using encryption methods such as WPA2 and installing a corporate VPN. These security tactics can reduce the scope of compliance for employees working in remote environments.

  • Leverage Real-Time Analytics

With newly dispersed workforces, businesses should also consider incorporating real-time analytics solutions to obtain a reliable view of how their payment and customer support systems are operating from anywhere. Gaining robust analytics on all customer touch points or potential areas of concern – including failed payments, system resets or increased wait times – can help organizations improve customer and employee satisfaction, or to adjust their operations as needed.

While organizations will need to navigate these challenging times with remote employees and strains on their systems for the foreseeable future, they can still harness modern technologies to protect payments and customer data and ensure compliance with regulations. By employing best practices for handling sensitive data and protecting their networks, businesses don’t need to sacrifice payment security and delivering the best customer service with a dispersed workforce.

Tags: CoronavirusFraud PreventionPayment Processingremote employeesSemafone
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily
    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    How PayPal Achieves High Authorization Rates

    How PayPal Achieves High Authorization Rates

    January 19, 2021
    Explaining the Bill Payment Ecosystem

    Explaining the Bill Payment Ecosystem

    January 15, 2021
    QSRs Can Address Loyalty Program Shortcomings by Serving Up Better Offers

    QSRs Can Address Loyalty Program Shortcomings by Serving Up Better Offers

    January 14, 2021
    How Merchants Can Prevent Account Takeovers—and Why Failing to Do So Amplifies Operational Expenses

    How Merchants Can Prevent Account Takeovers—and Why Failing to Do So Amplifies Operational Expenses

    January 13, 2021
    How Banks Can Leverage Tech Partnerships to Enable Innovation for Commercial Clients

    How Banks Can Leverage Tech Partnerships to Enable Innovation for Commercial Clients

    January 11, 2021
    The Future of Phixius (and Interoperable Financial Services)

    The Future of Phixius (and Interoperable Financial Services)

    January 8, 2021
    Fraudulent Activity is the New Virus, and Here Are Some Possible Solutions

    Fraudulent Activity is the New Virus, and Here Are Some Possible Solutions

    January 7, 2021
    The Future for Restaurants is Touchless

    The Future for Restaurants is Touchless

    January 6, 2021

    Connect With Us

    • Advertise With Us
    • About Us
    • Terms of Use
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • COVID-19
    • News
    • Events

    © 2021 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result
    ×

    Login

    Forgotten Password?

    Lost your password?
    | Back to Login

      Subscribe!

      Thank you for visiting PaymentsJournal! Please subscribe to our newsletter to receive consumer data insights and daily analysis from Mercator analysts and industry experts.

      ×

      How will COVID-19 Effect the Payments Industry?

      Check out our latest:

      – Consumer Data – Complimentary Reports
      – Podcasts – Mercator Analyst Commentary
      – Industry Opinions

      ×

        Download the complimentary whitepaper - INSIGHTS ON CHANGING CONSUMER BEHAVIOR
        Published on July 15th

        ×

        WEBINAR:
        How Digital Acceleration Will Affect Payment Industry

        Please join us for this panel discussion on addressing the challenges to pave the way to payments innovation and profitability and gain insights on the key trends and challenges impacting the payments landscape in North America.

        REGISTER