Field service organizations handle customer data on a daily basis. As a result of increased adoption of mobile, cloud and connected technologies, the volume of that data is increasing every day. These technologies help companies improve service performance, but they can also pose a security risk. With help from colleagues in IT, savvy field service leaders are making data security a top priority to ensure customer data is safe, secure — and accessible.
Jeffrey Babe is director of field and advanced services, Americas, for communications hardware provider Polycom. In 2014, his team of engineers, managers and consultants visited nearly 4,000 customer sites in 19 countries. Babe spoke with SmartVan about how the team keeps customer information secure, and how mobile devices are forcing the company to adapt its data protection strategy.
What type of customer data does Polycom handle?
Jeffrey Babe: Deploying integrated IT solutions always requires a high level of planning, collaboration and sharing data that may be sensitive. Even routine install information like customer contact details and IP addresses can be confidential and a risk if not handled carefully. When you are working with network designs and datacenter information, data security is paramount. Treating all customer data securely is of crucial importance.
What technologies do you use to protect that data?
Our IT team provides best practices for securing data. I can’t provide specific detail on technologies we have in place for data security, but there are common industry recommendations that are a good place for any company to start: complex passwords, changing passwords regularly, SSL/TLS encryption, digital certificates and user awareness training, to name a few.
Many businesses are migrating IT services to cloud-hosted environments, which can have security advantages over on-premise hosted services. While there is a good amount of debate on this topic, some recent studies have shown that on-premise hosted services are subject to a higher rate of security attacks and incidents versus services hosted by a top-tier cloud service provider.
But no solution is without risks. As we saw in the iCloud celebrity hack last year, cloud providers can be vulnerable if hackers guess a password reset clue or use brute force through repeated attempts on a user account. Making sure your provider is limiting login attempts can help, but two-step verification (like a challenge text to your cell phone) is even better.
How can service leaders ensure the organization, including technicians, keep data secure?
For services management, working with your IT leadership to participate in the data security strategy is the first step. Make sure that employees understand and follow the security policies around BYOD, laptops and VPN access. That also includes contractors with laptop or VPN access.
Service leaders can also work with their CIO to develop a response plan. A fast, effective response team can reduce the risks and damages to the company reputation along with reducing the impact to customer relationships. Maintaining customer confidence through a data breach situation is both extremely important and extremely challenging.
Although external hacker attacks have become the most visible examples of data breaches, internal negligence and malicious behavior are also threats.
How are Polycom’s data protection methods evolving?
Two dynamics that will influence our strategy on data protection in 2015 are the growing role of web-based remote support, and the expanding role of mobility devices. We are seeing an increase in software-based infrastructure systems, deployed into virtualized datacenter environments; growing use of remote management, diagnostic and calibration tools for tablets and handhelds; and growing adoption of UC federation with service accounts. For our field team, this means more remote installation and maintenance performed over desktop management and mobile collaboration tools. This opens up new challenges to protecting both customer data and our business.