804 :  Your Employee from Home—Managing Security for a Virtual Call Center
Wednesday, 3:15pm - 4:15pm

 
Track: Virtual Workforce

This talk will inform attendees about the vulnerabilities inherent in operating a virtual call center and the resulting risks. Attendees will learn how to eliminate or mitigate those risks.

There are many advantages to having your call center staff operate from their homes—you can reduce facility and utility costs; employees are more willing to work part-time or split-shift allowing a best fit of resources to demand; and having employees based in low cost-of-living areas can reduce salary costs. However, you have to ensure that the equipment used by that remote employee, the environment in which it is used, and the tasks performed on it are compliant with the policies and standards of your company, your clients, and your industry. By opening your systems to remote staff, you incur the duty to make certain that only they can access those systems. If the configuration of that remote computer or the actions of your employee allow malware to be installed, you run the risk of exposing your client’s or your client’s customers’ sensitive information. This can lead to the loss of a client, incurred legal liabilities including the requirement to announce a data breach, and depending on the nature of the information lost, e.g. health information or credit cardholder information, punitive measures enacted by organizations responsible for the safeguarding of those types of information. This talk will examine the vulnerabilities of a virtual call center, the resulting risks, and the steps that can be taken to eliminate or reduce them.

Hoyt L. Kesterson II

Senior Security Architect, Terra Verde Services

Hoyt has more than 40 years of experience in information security and related technologies.  For 21 years he chaired the international standards group that created the X.509 certificate, a fundamental component and underlying technology of secure websites (SSL). He is the vice-chair of the American Bar Association’s eDiscovery and Digital Evidence Committee. He has given many security talks at the RSA Security Conference, to ABA conferences for CLE credit, and to other organizations such as ISSA. He is a PCI QSA who has helped call centers secure their services.

Ed Vasko

Managing Director, Terra Verde Services

Edward is an Information Technology executive with 20 years of diverse management and technical experience with a core focus on Information Security. He has experience as a leader/manager of large, worldwide integration teams in the deployment of complex, distributed IT solutions for clients around the world.  His experience as a business owner and executive manager coupled with his extensive work with a wide range of enterprise-level solutions allows him to bridge the operational and technical needs of clients. He has expertise in identifying technology risks and vulnerabilities.  The advantage these skills bring to a client has been his ability to deliver efficient, state of the art solutions that provide high corporate value.  He has delivered these solutions for a wide range of markets around the world.