Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

The Weakest Link in Security is the Human Link

Posted by KL Tech Muse at 7:14 PM on October 31, 2011

SecurityStudies have shown again and again that the weakest link in securing a customer’s information for a business is the customer service representative who deals directly with the customers. I worked as customer service representative for almost 20 years and trying pleasing the customer, while maintaining security is never easy. The customer is always right is a mantra that is drummed into you from the beginning of your employment. So when a customer calls in and has a reasonable story and it is late on a Friday afternoon, it’s much easier to provide the information they ask for than to deny it. There is nothing but your personal integrity and maybe the fear of being fired holding you back. It is definitely not loyalty to the company, when you know that the company is more than willing to replace you at anytime for any reason and the pay isn’t that good. Also you are always under pressure to complete a certain number of calls during your work day.

Social Hackers know this and use it to their advantage to get the information they are looking for. This is called the Schmooze button by many in the security business. The same person who gets you to buy a TV when you go to a store just to buy some batteries, that’s the same guy who would makes a real good hacker. He knows exactly what to say and how to say it to get you to buy the product or provide the information he is looking for. Many companies spend a lot of money on security, building up firewalls and installing advance systems. Hackers know this, they also know that they can often get around the best security system, using social engineering. The answer than is not to spend more money on advance security systems, the best answer is to continually train the customer service representatives in security and it’s importance. Many companies are now increasing the number of question, they ask a customer who request information. However there is a thin line between maintaining security and irritating the customer, companies have to tread that line. So when you call your bank or credit company because you’ve lost your credit card and they start asking you a lot of questions don’t get mad at them instead thank them for protecting your information from hackers.