On Securing Call Centers

• Previous message: On Securing Call Centers
• Next message: On Securing Call Centers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is being hashed over the SAGE list too.
Treating people like they are theives is a fine way to motivate
them to become theives.


Quoting richard childers / kg6hac (fscked at pacbell.net):
> Reading this description of the secret call center, I cannot help but 
> wonder:
> 
> - What protections are being taken against telephone taps?
Switches aren't too hard to access.  If the voice line would
compromise your security, then you shouldn't be using phones.
All customers could be issued scrambler phones or you could do
a cost:benefit analysis and let it go.

> - Have you secured your telephone switch and do you trust your 
> provider?    [1]
YOu can *never* *trust* your provider.  See above.

> - Have you secured the telecommunications cables leaving the building?
If only from backhoes.  (remember when, I think it was Netscape
in 95 or perhaps MAE-WEST when down?  "A rat" they said (quickly
pulling their prepared excuse-rat from the freezer)).

> - Are you using fiber, where possible, instead of copper?
Fiber is far more trivial to bump into than it was 8 years ago.

> - How will you stop cleaning staff from installing listening devices?
They will have "background checks" which I find, at best, impractical
in an industry with 200%+ turnover rates.

> - What's to stop someone from kidnapping an employee (or cleaning person)?

That said, for all the C/R devices, SecureIDs and smart cards
you issue, the best and easiest way in is not to kidnap people
(great for movies, not so likely in Real Life) - the easiest
way to get information is to simply pay them.

Given how motivated *I'd* be to continue to work in this sort
of env, simply offering them a job where they aren't living
in Ashcroft's Holiday Camp might be enough.

When I call in to places, sometimes I don't have my case number
on hand.  As soon as I found out we were cut off automatically
in 60 seconds as a tool to keep employees from getting calls,
I'm not really motivated to continue doing business with that
company.

You're biggest assets and help towards security is working WITH
employees, not imprisoning them.

> And, now that I think of it, a determined call center employee could 
> still bring in a digital pocket tape recorder, or, even worse, a cell 
> phone ... strip searches may be indicated ...

Really: employees should live on premises for 12 month shifts
and either be killed or mind-wiped at the end to make them useless
and incoherent.  Or perhaps sent to holiday islands for a 3 month
respite (isolated from the World) before their next shift.

Family members should be implanted with explosives as further
motivation.  Why am I recalling that novel "The Firm" by a
nadir of american literature, J Grisham?


Treat employees like trusted human beings and they will help you in
your sec urity.  Treat them as adversaries and they will not only
*not* aid you, but they will seek ways around the machiavellian
mazes you've set up.

And as a SAGE writer said:  I hear Dan Geer's available :)

• Previous message: On Securing Call Centers
• Next message: On Securing Call Centers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]