Is There Such a Thing as Ensuring Data Security?

By Renny Koshy, Platform28 on January 28, 2015

There is data security, and this is how we do it.

We’ve all been hearing and reading the news stories about major corporations seeing huge security breaches. If you think about what happened at Home Depot or at Target late last year, it seems like company after company have been reporting data security failures that have put their customers (and their data) at risk. The latest one in the news, reported by Forbes.com, is Kmart, with their point-of-sale systems compromised by malware.

There is a perception out there that as our lives, communities and spending become more and more virtual, the risks of compromised data will continue to grow. Of course, this is a real and mostly legitimate concern.

As more companies are affected by publicly reported security breaches, the the pundits are beginning to believe that PCI (Payment Card Industry) compliance standards are potentially not good enough. Major financial institutions like JP Morgan and Bank of America, whose systems have been compromised and hacked over the last year have exposed what is happening with personal data, and the extent of damage that can be done. The JP Morgan hack alone affected 76 Million households and 7 Million small businesses. Each business entity is painfully aware of the breach of course, because each has had to go through the hassle of establishing new accounts or setting up new cards. Many customers have asked what does this actually mean from a personal information leakage perspective; what do these criminals now know about me?

Our software is used by a myriad of different companies and institutions, all of whom have mountains of data that must be kept secure. While some vendors hold sensitive client data (Social Security numbers, etc.) or even bring in encrypted versions tied to unique identifiers on servers that are on premises or at the business, we’ve put a method in place that protects data. Our methods are designed to keep clients data flowing anonymously through pipes, creating a safe zone of sorts, where data is used appropriately to help a company’s team of customer service agents maximize their ability to serve; this exposure to data without holding any data, protects identity and personal information at what we like to think of as a Fort Knox level of security.

While we assure you that what we do is incredibly complex, we can give you a simplified glimpse into how we do what we do.

First, our data is tokenized. Data processed by our contact center software is broken apart, jumbled, and replaced with “non-sensitive equivalents”. In that state, data is useless to hackers. The tokenized data is protected, with your clients’ sensitive information scattered and piecemeal it is of no use to anyone. The tokenized data is also then encrypted for extra level of security. That’s when we apply the algorithms. Data processed through our software is not only broken apart and made hack-proof, it’s shielded by even more security measures.

When working with cloud software, resources within the cloud computing environment are shared by users across the board. With Platform28 data centers, we offer a powerful data separation environment, where personal data is shared across several dedicated servers and is Always Active and accessible by your business with REST API. This also allows us to supply your company with a kind of multi-tenancy that protects your people. The promise of multi tenancy allows you to give access privileges and grant rights to the prescribed levels, duties, roles and responsibilities your business requires. Think of it this way: managers and supervisors have certain administrative access; super users have their own rights; and every-day agents have their own level. In each of these cases the data simply uses the pipes we build to funnel the tokens separately, coming back together only to reveal pertinent info by right or privilege.

What about dynamic data collected in-route while a customer is in contact with the IVR? Companies now collect contextual data about clients who call. Have they been speaking negatively or positively? Have they made any reviews on the products on prominent websites? Does that information indicate a highly dissatisfied customer who will need the attention of higher ups or can we handle the situation with the information already collected? And even though that information gathered off the web is open, can it be compromised when it’s integrated and therefore connected with the clients PII (Personally Identifiable Information), and that could put them at risk? Don’t worry, our same solution from above works for that too.

The important thing to remember is that PII is never actually housed within our software. The information is collected, routed, used, and then it passes through our systems like it was never there. The risk of compromised PII becomes significantly lower. The data is never actually stored together, if at all, and is simply accessed to help Customer Service Agents do their job optimally. With Platform28 software, you can put your client’s mind at ease: Their PII is never stored, and the people helping them only use it to provide the best customer service around.

Across all different business types, enterprises are moving to the cloud, yet they are only just beginning to move their contact center platforms. They are migrating and utilizing cloud for everything from data storage to payment processing. Remember, through all those different cloud functionalities, private customer data is milling around. Don’t let your fear of security breeches slow your migration to the cloud down. Platform 28 protects all that data with our industry unique, and incredibly intuitive security practices.