5 Security Myths Debunked: Steps to Protect Customer Data in the Remote Era

The remote work era has introduced new cybersecurity challenges and as more customer service agents continue to work from home (WFH), protecting your customers’ sensitive data has never been more crucial. 

In a recent Five9 webinar poll, 53% of respondents stated that their level of cybersecurity  has become “more vulnerable, as human error has been challenging.” Therefore, one simple mistake in the contact center can jeopardize your customers’ trust and even put your company’s future in danger.

In an exclusive interview with Ed Glover, Chief Information Security Officer at Five9, he debunks the top cybersecurity myths that will help your remote contact center employees stay ahead of cybercrime in the remote work environment. Let’s begin:

Myth #1: You are less vulnerable while WFH  

Ed Glover: “Remote employees can be more vulnerable while WFH if they are not using company provided devices as IT can lose the ability to monitor employee activities. Typically, IT specialists can see what files employees are downloading or if their visiting malicious websites. More importantly, we have seen a rapid increase in phishing attacks during the pandemic and cybercriminals are exploiting remote employees’ anxieties about COVID-19. Therefore, your remote employees need to have monthly security trainings so they can recognize and avoid phishing scams.”

Myth #2:  Any Wi-Fi is okay to use

Ed Glover: “Remote employees should always avoid public Wi-Fi and should create strong password credentials at home. Routers that are not password protected are prime targets for hackers, especially in today’s COVID-19 era. Due to the increase in remote work, cybercriminals are targeting the home router, which is an easy attack vector. Therefore, companies should also have mandatory trainings regarding creating strong password credentials so that your employees can recognize easy-to-guess passwords and secure their home router.”

Myth #3: Personal devices are safe

Ed Glover: “Remote employees may be tempted to work on a personal device. However, they might not have a reliable anti-virus security software installed on their personal device to prevent cyber-attacks. Agents should only use company sponsored devices that have been hardened and they should never use a personal email address for work and vice versa. As discussed previously in this interview, IT also loses the ability to monitor employee activities on personal devices.”

Myth #4: The cloud is less secure

Ed Glover: “The cloud is more secure; however, people do not take ownership of their security responsibilities. According to a Gartner article, through 2025, 99% of cloud security failures will be the customers’ fault. This is a direct result of not understanding and enforcing the policies on what the cloud responsibilities are versus what the customer responsibilities are. Too often, the customer does not define and take ownership of the shared security responsibilities. They rely on the cloud do it all. Depending on the cloud deployment type (IaaS, PaaS, or SaaS), there are clear differences in responsibilities

For example, in an IaaS deployment, the cloud provider will manage the security from an infrastructure, environmental, network and virtualization standpoint.  The customer is responsible for all other security requirements (e.g. patching of the Operating System (OS), etc.).  While in a SaaS deployment, the cloud provider manages and secures the entire application and infrastructure including patching the OS.  The customer is responsible for managing data, as well as user access/identity permissions.”

Myth #5: It’s IT's Problem

Ed Glover: “Security is everyone’s problem. The human element is the largest security risk out there and your employees are the first line of defense. Whether it is downloading the wrong software or clicking on a phishing link, people need to understand and be aware of common security vulnerabilities. Creating strong passwords and monthly mandatory security trainings can go a long way in protecting your customers’ loyalty and your brand’s reputation.”


To get a deeper dive on cybersecurity in today’s remote work environment watch our on-demand webinar with recognized cybersecurity expert, Dave DeWalt and Rowan Trollope, CEO of Five9. Click here to access our on-demand recording.