It’s highly evident that technology is having a profound effect on the logistics sector. Today’s advanced tracking tech allows shipments to have their every move recorded, which is crucial for ensuring maximum efficiency within the business. At PCI Pal, we work with some of the largest logistics organizations in the world and while the impact of technology is plain to see, there are additional considerations firms need to take into account when embracing new technology – one of those being data compliance.
With analytics systems collecting real-time data about how a business is operating, how goods are being shipped and how customer’s data can make services more efficient, a lot of personal information is entering and remaining in business’ infrastructures that could be accidentally exposed to staff, partners or, more worryingly – hackers. In 2017, Forbes reported that hackers have put the logistics industry on an international target list as two large logistics organizations suffered data breaches that affected multiple companies. The logistics and transportation industries are attractive to hackers because companies in these sectors often use embedded technologies that are integrated with other, often smaller businesses that are generally more vulnerable.
Effective data security practices are vital to prevent costly breaches and the misuse of valuable data. Traditionally, protecting this data in contact centers consisted of user training, awareness and deploying ‘compensating control’ technologies that manage the access to personal data. Conclusions from a study conducted by Verizon found that 60 percent of organizations are still leveraging outdated pause-and-resume technologies, as just one example, to avoid storing sensitive payment data on call recordings. Users are paused while their payment information is collected, which disrupts the flow of business and causes issues from an audit trail and complaint resolution perspective.
It is better to eliminate the risk of data breaches at the contact center level by preventing personal payment data from entering the environment in the first place. De-scoping telephone-based payment processing from the requirements of PCI DSS by utilizing DTMF Masking technology allows payment card information to be provided without your contact center agents having access or sight of the data – meaning there is simply no payment data in your company’s systems to be compromised.
Contact us today to discuss how we can help your organization implement these changes and how we can assist you in overcoming the compliance hurdle.