Zero-Trust Access Gateway Can Help BPOs Secure Voice & Tackle Remote Work Challenges

Zero-Trust Access Gateway Can Help BPOs Secure Voice & Tackle Remote Work Challenges

Reliable communication plays a crucial role in serving customers, supporting business processes, and generating revenue for many organizations across verticals. But the existing lockdown situation inflicted by Covid-19 pandemic has badly disrupted the usual mechanisms that businesses use for efficient, reliable, and secure communication. Organizations have been forced to ask their all employees, including customer services executives to work from home, to ensure the well-being of their employees, and compliance with government directives while enabling business continuity.

Customer Services & Privacy Concerns
Generally, customer services executives or call centre employees work under strict supervision and regulations to protect customer privacy and ensure compliance with various data regulatory norms and to prevent data theft. Under normal business circumstances, they work on dedicated PCs connected to isolated networks, from a pre-defined section within office premises. They are typically prohibited from carrying their personal devices (feature phones, smartphones, tablets, laptops, etc.) or pen and paper into their workspace. They come to office in different shifts and work under close watch to prevent any kind of intentional or unintentional data leakage. However, in a work-from-home scenario, enterprises are struggling to ensure strict monitoring and supervision.

The Perils of Remote Access
To ensure minimal disruption to customer services, enterprises have been left with no other option but to allow their employees to remotely access all customer facing business applications.
Nevertheless, providing secure and reliable access to VoIP systems to make or receive customer calls and ensuring a persistent user experience remain a major challenge.

Challenges Posed by Remote Access
• Exposure to potential end-device based cyber security attacks because of the increased mobility resulting from work from home
• Difficulties in ensuring regulatory compliances
• Work-from-home users cannot be provided with remote access to the VoIP systems, which they use, while in office
• The physical phones connected to VoIP systems in office premises cannot be carried home, or connected to, over the internet
• Poor quality of network connectivity at home compared to office premises

GSM-based Connectivity
Many organizations are making use of GSM-based connectivity to keep the communication channels between customer services executives and consumers open. The GSM mechanism routes any incoming call from customers to the customer voice center. From the voice centre, an out-going call is automatically made to a customer executive, based on customer needs or executive’s skills, who is working from home. Though the GSM architecture does provide real-time connectivity and a decent performance, there are some inherent problems.

Limitations of GSM-based connectivity
The following are the major limitations posed by a GSM-based connectivity mechanism.
Increased Cost: The cost associated with each call doubles up, which results in increased operational expenses of enterprises
Lack of Security: Generic IP networks do not provide the needed security to carry voice traffic
Low Quality: IP networks used for carrying voice traffic, induce latency which may result in call drops and jitters in the voice

An option that enterprises have to optimize the costs, at least partially, is to move their VoIP systems from typical hardware-based platform to cloud-based telephony platform. But this is not an option that every organization can, or would like to, adopt. As cloud-based solutions generally do not have enough security built into it, and thus fail to mitigate security concerns.

App-based VoIP Solutions Can Be a Good Alternative
The best alternative available to organizations is to use secure desktop or mobile application-based VoIP solutions and provide encrypted voice connectivity over IP networks.
VoIP applications whether running on mobile phone or on a desktop, should be securely delivered through a Zero-Trust Access Gateway solution. The Zero-Trust Access Gateway solution comes with features like application tunnel-based (L7-based) access without network bridging, out-of-the-box multi-factor authentication, device fingerprinting and control based on multiple factors, data leakage prevention and Internet access control features to overcome the limitations posed by the traditional VPN solutions. Some of the limitations of generic VPN solutions are listed below:

Shortcomings of Generic VPN Solutions
• Traditional L3 VPNs use network bridging, exposing internal resources to potential threats
• Generic L3 VPNs do not provide complete device scanning and device entry control features
• They cannot restrict a user to a specific device and a fixed IP address
• They do not provide strong authentication and detailed auditing to ensure complete compliance
• They increase the possibility of compromise of end-user’s machine, and hacks which can result in security breaches and pilfering of enterprise resources.
• They result in increased vulnerability to cyberattacks as uncontrolled devices may run browsers with sub-optimal security
• They may result in loss of sensitive information to keyloggers, who may stealthily reside in end-users unmanaged or uncontrolled devices

Benefits of A Zero-Trust VoIP solution
An application access gateway solution with the following features would be ideally suited to satisfy the VoIP needs of businesses, while overcoming the limitations posed by remote working
• It must be a hybrid solution; wherein business applications are delivered over a Layer-7 tunnel and the VoIP traffic is delivered through a Layer-3 tunnel. As L3 tunnel, is a UDP-based tunnel, it can adapt to VoIP traffic and provide the best performance
• Super-fast encryption methods are to be used to deliver a superlative performance in terms of voice delivery, and mitigate the concerns of call drops or jitters
• The solution has to be complemented by multi-factor authentication to ensure strict verification and authorization of users
• It should be capable of using multiple parameters, like log-in time, device location, device fingerprint, etc., to ensure that a user always remains bound to a particular device as per the DoT regulations
• The solution should allow use of only approved and uncompromised devices for work purposes, to prevent unauthorized access
• It should provide detailed audits and logs of all user activities, to ensure compliance and higher security
• It must be capable of providing context-based, real-time adaptive risks-based access or restriction of access to corporate resources

The presence of these features would allow enterprises to have complete control over their resources, ensure regulatory compliance, keep all security issues at bay, and enable their customer support teams to achieve maximum productivity and go live with voice from their homes.

Current Magazine