Wednesday, February 15, 2006

Are you encrypting your recorded calls?

If you process credit card transactions, it is most likely that customer credit card information is being stored in their account record in your customer relationship management (CRM) software. Most web based CRMs use Secure Socket Layer encryption to protect your valuable date. Most companies use some form of customer quality assurance - for example, call monitoring and recording. Often these QA systems are also capturing screen data during the calls.

Capturing the call as well as the screen activity, as well as any chats or emails sent during the call, comprises a "recorded event". Events are typically stored in a database for later playback or for archiving. This process is usually tagged as Media Encryption.

Events should definitely be encrypted to protect customer data. Visa requires it now("Payment Card Industry - Data Security Standard"). Encryption should be 256-Bit and all media should be stored and archived in encrypted format. Files are decrypted locally to prevent network exposure.

...more on Visa security standards

Popular Posts