WebRTC and multi-level encryption driving WFH security concerns
Some 10 months into the global COVID-19 pandemic, businesses are well and truly on the path to adapting to meet the demands of their customers while undergoing a rethinking of what customer care means. There is now a heightened importance on customer care and empathy as different individuals battle the pandemic and its effects; whether that be loss of income, redundancy or even bereavement of a family member. Added to empathy is the need for innovative digital models too help customers weather the crisis from their own homes and the demand for building and maintaining improved digital capabilities to help customers quickly and efficiently.
The points have been brought in across most, if not all business sectors. But one major concern among customers requires the most innovation to put customers’ minds at ease – security.
Working from home is now part of the so-called ‘new normal’, with many businesses shutting offices for good. The death of the office environment as a direct result of the COVID-19 pandemic does have its advantages despite it more often than not being a change to agent working habits many business leaders have been forced to make. For one, there’s the fact no office to attend for work means no rent to pay on buildings. Another example is employees enjoying a better work-life balance, though this is expected to come into play post-lockdown. In the meantime, families are spending more time together and the lengthy commute is expected to largely become a thing of the past.
But when customers are calling banks, building societies or businesses where they’re expected to provide personal and sensitive information about themselves to have a query resolved or purchase a product, there are still concerns that agents working from home and businesses are not following correct procedures when protecting customer data. An example of this is the UK’s Financial Conduct Authority (FCA) ordering bankers to record calls while working from home. This was a major U-turn for the Government body who only made this as a suggestion in October last year. Bankers are now having to race though the right technologies to enable firms to meet this demand.
WebRTC security concerns centre around one question – is it safe? It works by changing the way people communicate through the internet and best of all, there is no need for any software or plug-in installation: the user just needs a suitable browser. Security issues have come about after users are allowing access to their devices, such as camera or microphone, and naturally begin to think how far this access can go. Added to that, there is also the risk of opening the door to some malware that might come along. But contrary to popular belief, users do have a degree of protection. A security advantage of WebRTC is that when comparing to VoIP, for example, is that encryption is always there because the code carries native features that approach security concerns.
Regarding encryption, different security attacks of course happen across a variety of cloud services at each layer, with attack types and risk levels associated with different cloud services. Risks can be ranked low, medium or high and the intensity of the risk levels depend on the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorisation for different cloud services.
Though many tech firms are battling to aid sectors like the banking industry, the hybrid workplace option of a mix of remote working and office working has appeared a front-runner for an array of businesses post-pandemic. It is widely expected this will be rolled out across the financial industry post-COVID. Until then, a solution must be found to aid the industry in protecting customers’ data during this time of global crisis.