Why you should deploy CallGuard throughout your entire contact center

I often speak to potential clients who only take payments on a relatively small percentage of their calls. For example, a typical insurance company might only take payments on 10-15% of their total calls. Companies in this situation often think they only need to deploy CallGuard on calls where they know that a payment is likely to be taken. Why invest in CallGuard coverage across 100% of your calls when it might only be needed on a small percentage of them? However, this is a mistake for a number of reasons. 

If all your calls are running through CallGuard, then from a PCI security standpoint you are completely covered. Doing this de-scopes your entire contact center from PCI DSS. This then saves you a huge amount of time and money when it comes to the PCI audit process. 

However, if only a small percentage of your calls go through CallGuard then that leaves 95% of your calls still in scope for PCI DSS. The potential for a data breach still exists. Unless you can be 100% certain that a particular agent will never need to take a payment, then your agents can still be potentially exposed to sensitive card data. 

Organizations often think that they will be able to segment out a particular group of agents who take payments and separate them from other agents who will not take payments. In reality doing this accurately is much harder than it looks. Agents move around between teams. New agents join, old agents leave. Customers call in with one type of inquiry but during the call it turns into a different type of inquiry. There are many situations where a payment may need to be taken unexpectedly or by someone who does not usually take payments. 

By far the best way to manage this process is to ensure that all your agents are covered by CallGuard. Then you have complete flexibility. Anyone can potentially take a payment at any time. No need to transfer callers between teams. No need to worry about who is and isn’t covered to take payments securely. 

De-scoping the entire contact center also makes life much easier when agents leave, and new agents join. When a new agent joins, you don’t need to consider which group they’ll be in, or what type of calls they’ll be taking, or whether they could possibly be required to take a payment at any point. You can deploy them however you wish, and the training and process is exactly the same. Everyone is covered, all of the time. You have the flexibility you need to move agents around from team to team. You can have some agents in your own contact center, some in an outsourced contact center, others working from home. It doesn’t matter. You’re de-scoped entirely from PCI DSS. No one can ever be exposed to sensitive card data because it’s never collected.

Crucially, if the whole contact center is de-scoped from PCI DSS, then there’s no need for an expensive and time-consuming audit process. PCI compliance audits can cost anything from $20,000 up to $200,000 depending on the size of the organization. If you only deploy CallGuard in part of your contact center, then you are still going to be liable for the full cost of an audit. 

It's not just the upfront cost of the audit process itself or the costs of the security measures that you have to deploy to ensure compliance. There’s also an opportunity cost associated with tying up the time of your staff answering questions and collecting together information as part of a complex audit process. Imagine what else those people could be doing if they didn’t have to do that. How many FTE hours could be saved and used more profitably elsewhere in your organization. 

Only by deploying CallGuard throughout the entire contact center will your contact center be de-scoped. The cost savings here are significant, and that’s before you begin to consider the potential cost if there is a breach.

De-scoping your entire contact center, by ensuring that customers’ sensitive card details can never enter any part of the contact center, environment removes completely the risk of a data breach in which card details can be stolen. And while it may only be 10-15% of your agents who take payments, it’s 100% of your reputation on the line if there’s a breach.