How to descope your call centre from PCI

Descoping your environment from the requirements of PCI DSS is?a no-brainer!??Keeping customers’ card data out of company systems and minimising contact areas where data is processed or stored?can only be a good thing. The simplest way to do this is?by outsourcing payment processes to a compliant third party.? FIS Worldpay can help you to do this.

There are many benefits from descoping. While the most obvious benefit is?the achievement, and maintenance, of?PCI DSS compliance?(plus, industry leaders and the PCI Security Standards Council recommend this approach), another great benefit is the cost savings?your organisation?could?realise.??

From decreasing necessary infrastructure updates?and eliminating the cost of penetration testing and vulnerability scanning, to minimising?additional employee training?and?reducing the chance of a costly data breach, descoping?as?a?means of achieving compliance can?be an investment with a worthwhile return.??

Here are three areas where your organisation?can?save money by descoping:?

1. Technology and Network Segmentation?

When you descope, your organisation’s technology (such as desktops, WIFI and malware software) is no longer under the strict PCI requirement to patch and update frequently and constantly.??

You also save money by no longer having to deal with network segmentation. This is typically the biggest ‘technical’ cost by far. Organizations that?don’t?descope must perform network segmentation to keep card payment data separated from business systems. Not only is this?expensive,?but it?can also be onerous.??

Businesses have spent years integrating all their systems together, only to now be told they need to separate their networks out again to stop back-office staff from having access to any system that might have card data flowing over it.?Instead of completing a counter-intuitive process, descoping allows technology to work as it was originally designed.?

Further, most companies traditionally have one big ‘flat’ local area network (LAN) where employees can connect their computers anywhere and reach everywhere. To segment the LAN into secure sections costs lots of money?and?time, potentially causing?disruption. However, it must be done to stop?a would-be hacker?from attaching to the network (by Wi-Fi or cable) and gaining access to card data flowing over the network.??

With descoping, these otherwise necessary actions disappear from the to-do list.?

2. Employees?

Cost savings surrounding employees are dynamic when descoping happens. For one thing,?specialised billing departments are no longer required, as any agent is now able to take payments securely.?

In addition,?employee onboarding costs are reduced. Training becomes less complicated, with?the focus being on the personal interaction instead of multiple processes and transfers.?This saves time and reduces the potential for employees to miss important information on data security, since they no longer need to learn it.??

Employee background checks become less necessary, as descoping means employees are no longer?able?to steal personal?payment card?data – and your organisation is no longer liable.??

The Payment Card Industry Data Security Standard?assumes that all?contact centre agents?are?malicious insiders. For this reason, it instructs organisations that have not descoped to treat them as?internal threats. This means:?

• Completing background checks?
• Having CCTV in place??
• Stopping them from accessing, or restricting access?the Internet and their personal email while at work?
• Turning the contact centre?into a ‘securely monitored environment’?
• Forbidding phones and bags from entering the contact centre?environment?

It’s?no surprise that contact centre?agents also tend to be happier when their organisation has descoped, with the above bulleted actions no longer taking place. Their jobs are?simplified,?and they have a more relaxed work environment. Burnout?doesn’t?happen as quickly, either.?

Assuming happier agents are less likely to leave a company, the cost of recruiting and onboarding new talent decreases.?

Happier agents are also more likely to have better interactions with customers, resulting in better service (and maybe even more sales). After all, a positive customer representative?provides a more positive?customer experience.?

3. Data Breaches?

When an organisation descopes its environment from the requirements of PCI DSS, the chances of a data breach decrease dramatically. After all, a bad actor?can’t?steal personal data that isn’t there.??

While this cost savings area might seem obvious, it is worth emphasising.?

According to?IBM’s Cost of a Data Breach Report 2020 , the average total cost of a data breach is $3.86 million. This?total?is comprised of costs across four different categories:?

• Activities that enable a company to reasonably detect the breach.?
• Activities that attempt to minimise the loss of customers, business disruption and revenue losses.?
• Activities that enable the company to notify data subjects, data protection regulators and other third parties.?
• Activities that?help victims of a breach communicate with the company and redress activities to victims and regulators.?

Essentially,?it’s?expensive to have your data breached, identify it, and ensure minimum reputational damage. Speaking of reputational damage,?64% of consumers in UK and US will avoid a company after a data breach.?30%??and?17% respectively say they will never return. ?

Descoping is a great move for any organisation?taking payments. Not only does it mean removing work from the organisational to-do list,?it?can also?provide a true wealth of savings?both financial and otherwise.???

If?you’re still?not?convinced?descoping is the right move, you may want to become familiar with the 19 tasks every organisation needs to complete when descoping isn’t a part of its strategy.?

We’ve compiled these tasks into a checklist for you, contact me for more information.

My name is?Mat Everitt ?and I am proud to lead a team of spectacularly committed and expert professionals within the Strategic Sales Team at FIS Worldpay.

Whatever you need to achieve in face to face or online payments,?anywhere in the world , we can help you to achieve?MORE ! Our mission is to help businesses and communities thrive by advancing commerce and the financial world.

While our work is often behind the scenes, we keep global commerce and the financial world running for our clients. It is a heavy responsibility and an incredible opportunity. It’s in times like these, when the world is so unsettled, we work to make the biggest difference for you.

Why you should work with?FIS Worldpay

FIS? serve 90% of the top 50 largest global banks

FIS ?serve 90% of the top 20 Private Equity firms

FIS ?are the world’s?largest?acquirer with?double?the volume of the 3rd and 4th leaders?combined

FIS ?move?$9T around the globe annually,?process?75B transactions across the world and?serve?1.3B cards worldwide.