Niyamath Parveez

There has been a rapid growth in the number of US-based companies that are outsourcing their financial processes to BPO-s located in Asian countries, especially India. The process is quite logical from the financial point of view, but some security concerns simply cannot be ignored. A recent incident in which three employees from an Indian BPO made off with a staggering 350,000 USD from Citibank account holders by hacking their accounts has brought some amount of uneasiness among the big giants in US who regularly depend on the Indian BPO-s to get their confidential financial data processed.

Protection of financial data is one of the first and foremost concerns of a company. If information about business deals, tender calls and budget plans are compromised, the very future of the company can be in danger. This is one of the reasons that more and more companies are getting concerned about the way security breaches are occurring in Indian BPO-s. The situation does not bode well for the Indian BPO industry.

However, this situation can be avoided without much hassle, if some standard security procedures are implemented and maintained. True, no system can be absolutely safe from unauthorized people waiting to get a crack at it. But, their plans can be thwarted by finding the loopholes in the system and plugging those as soon as those are found. Some safety procedures can be put to use for doing that. These are as follows:

1. Dynamic data masking – In this procedure, the employee is never allowed access the complete data of the client. Thus sensitive data is protected by hiding (or masking) it, using symbols like asterisk in place of the actual data. This is the process with the most stringent restrictions, but is undoubtedly the most secure as well.
2. Paperless office – This is a relatively new concept that is rapidly gaining popularity. In this process, employees are not allowed to carry or use any sort of paper stationery in office. Reminders are set using software tools, and electronic notepads are used to keep notes. This process ensures that no data can be taken out of the office. The process is not full-proof though, an employee with a photographic memory could sure walk out with a list of client info in his head. But this process, combined with dynamic data masking, can secure the sensitive data being handled to quite a good extent.
3. Automatic call monitoring – Special types of voice recognition software are available now, which can monitor calls made by employees while in office. These software packages can also trigger an alarm when the employee or the person at the other end utters some specific words, such as, “client”, “password”, “account”, etc. By forcing the employee to submit his cell phone to the authorities when entering office and making him/ her use the monitored office phones while working will make this process quite effective.

These processes can make the data of the clients secured at least to some extent from employees with malicious attitude. Data security is of paramount importance when managing financial data of a company and BPO-s have to implement stringent security measures to make sure that their clients’ data does not get compromised.