Lack of security protocols cause BPO cyber frauds: Survey

Kolkata: A recent survey jointly conducted by the apex industry body ASSOCHAM and a global software giant has revealed that most cyber frauds in India's booming business process outsourcing (BPO) sector occur due to lack of strict implementation of existing information security protocols together with poor employee awareness.

It has been noted that awareness about cyber frauds was low amid freshers and job applicants but it was relatively higher in experienced employees. "Both employees and customers are to be blamed for cyber frauds as employees lack ethics and customers for being careless about security and privacy," admitted experienced BPO professionals while acknowledging that computer hacking, credit card/bank frauds, malware/virus, tech support scams

are most prevalent.

The survey has pointed out that lack of seriousness at the organisational level towards the issue is the root cause of the problem as casual attitude is often passed down to employees. "Basic protocols like frisking/checking before entry/exit, no mobile phones on floor, no pen and paper and others are frequently overlooked, thereby exposing gaps," the survey stated.

The survey also suggested immediate steps should be taken to drive home seriousness about cyber frauds that include comprehensive session on cyber fraud in induction programme, implement stringent security measures, install strong antivirus systems, organise sessions on ethical practices, implement training and development programmes.

The survey titled, 'Understanding the perceptions and awareness around cyber security' was conducted among employees working in BPOs in Delhi-NCR and Kolkata to ascertain the level of awareness regarding cyber frauds among people employed in the sector. The survey sample design comprised four focus group discussions (FGDs) and 20 in-depth interviews (IDIs) held across Delhi-NCR and Kolkata.

ASSOCHAM in collaboration with the software giant has launched 'Cybersuraksha Youth Awareness Campaign,' wherein a series of workshops are being organised in various states with an aim to promote awareness about cyber security threats among citizens and provide up-to-date security information through education and sharing of good practices.