West At Home Implements PhoneFactor for PCI Compliance

West At Home Increases Credit Card Data Security With PhoneFactor

The Business Challenge:

West At Home, a division of West Corporation, is the nation’s leading provider of outsourced communication solutions. They are based in the Midwest, but have thousands of agents across the United States that work from home taking calls from consumers – processing orders or providing customer service and support to West clients from a wide range of industries, including retail, healthcare, communications, and travel/hospitality. This means that any information that the agents enter into their computers via their remote network must remain secure to protect the consumer’s personal and payment information, which required compliance with the PCI Data Security Standards. West, like many call centers, faced certain challenges in maintaining this security.

• Strict Industry Regulations: Because agents often take credit card information, West had to follow industry regulations like PCI DSS, which requires two-factor authentication to secure access to networks where credit cards are processed or stored. But depending on the particular industry focus the agents had at any time, they might also have to comply with HIPAA or FFIEC regulations, among others.
• Use of Personal Computers: Because these agents work from home on their own equipment, requiring users to install software or certificates on their personal computers would require a material amount of IT support and ongoing maintenance.
• Employee Turnover: The call center industry typically experiences a heavy turnover. Any solution had to be one that was easy for the home agents to implement, and very streamlined for West IT to deploy and maintain.

The Solution:

PhoneFactor understood West At Home’s issues. Our secure two-factor authentication service provides everything they need while using the agent’s best tool of the trade – their phone.

• Easy setup and deployment – No tokens to mail or certificates to install
• Rapid compliance with PCI, FFIEC, HIPAA and other industry regulations
• Instant integration with leading remote access products
• Centralized user management leveraging their existing Active Directory

PhoneFactor integrates with West’s existing systems, enabling rapid setup and deployment. And because it synchronizes with their Active Directory, provisioning and managing users is seamless. PhoneFactor is so easy that training is accomplished through an automated email. And PhoneFactor is significantly cheaper than other two-factor solutions on the market that meet the compliance guidelines necessary for West.

“The PhoneFactor solution gives us the strong two-factor authentication that we need to meet the industry’s strict regulatory requirements. PhoneFactor fit all of our requirements and gave us a great alternative to costly security token solutions.” – Rachel Roberts, Information Services Project Manager, West Corporation