Data and privacy are not new topics in the news, so what has everyone so interested in GDPR?

GDPR – A Quick Summary

While the scope of GDPR is focused on EU residents, businesses the world over and even very small operations on the internet have been engulfed in a whirlwind of preparation, doubt, and outright panic. In simple terms, GDPR is a regulation that seeks to give end users – natural persons – more control and fundamental rights to their personal data. GDPR’s term for end user is predicated by the definition of “personal data.” Personal data under GDPR is far more broad than Personally Identifiable Information (PII) we’re more familiar with primarily in the medical industry in the US. Personal data here includes details such as an IP address and geographic coordinates. It also includes certain sensitive things such as gender, sexual orientation, genetic information, religious affiliation, and ethnicity/race. Given the definition of “personal data,” GDPR defines the end user/individual as a “data subject” to whom personal data is owned by or attributed to that  can be used singularly or with other forms of personal data to identify the individual. The caveat here is a data subject must be a natural person meaning the business law definition of a corporation being a person is not recognized under GDPR. Naturally, this also means corporations do not possess personal data rights as a natural person would in respect to GDPR.

Aside from personal data and data subjects, GDPR introduces two other integral terms to its understanding. These terms are data controller and data processor. A data controller is any entity (individual, organization, etc.) that sets forth how and what personal data is collected and used for what purposes. Data controllers may very well not perform any data collection themselves, but carry a responsibility in setting the conditions of collection, storage, processing, and sharing of data subjects. We’ll walk through a simple example in a bit. Data processors, on the other hand, are entities that perform personal data collection, processing, and potentially sharing and storage. In most cases, the vast majority of personal data processed by data processors are returned back to the data controller or stored by the data processor on behalf of the data controller. Let’s consider an example of this relationship.

Vivid Co (fictional) provides a web-hosted image gallery for both hobbyist and professional photographers to store and share their pictures and albums. It also serves as a place for interested parties to commission photos from participating photographers. Vivid Co developed the code that powers the web service and also maintains all the hardware needed to keep the service running. However, Vivid Co determined it was too expensive to buy adequate storage hardware and instead decided to use AWS S3 for cloud storage of photographers’ submitted images. In this setup, Vivid Co is the data controller on the grounds it decided what personal data was needed from photographers and individuals (the data subjects) looking to commission images through the service. Vivid Co also does most of its own processing. For both types of end user, Vivid Co stores email address, password, name, and several interest descriptor keywords like “nature” or “scenery” that are stored on database servers Vivid Co owns and operates internally. For photographers in particular, Vivid Co also stores the photographers’ images in AWS S3 – this means AWS is a data processor of that personal data for Vivid Co. For users who want to commission photos, Vivid Co provides a built in messaging feature that lets those users contact photographers for possible commissions.  For successful commissions, Vivid Co connects Paypal accounts, so Paypal is yet another data processor for Vivid Co. Specifically, it’s handling monetary transactions between the two types of end user.

From this example we can see that certain types of personal data are shared between different entities for different purposes. In GDPR a very big tenet is that it is the data controller’s responsibility to ensure any data processors it associates with are GDPR compliant themselves. This is almost outright saying companies that do business with each other and providing services to one another must form a web of trust to protect personal data and handle it responsibly. Otherwise an incident resulting in punitive fines could result in some form of mutually assured destruction due to the “web of trust” being broken. If a personal data incident occurs that’s the fault of the data processor, the associated data controller is also equally responsible for the incident on the basis the data controller did not perform due diligence to ensure the compliance of the data processor – hence the aspect of “mutually assured destruction” (or penalty as it were).

In a related example, let’s pretend Vivid Co didn’t use Paypal for handling commissions transactions securely and with respect to end user personal data. Instead they use a fictional service called Pay.me that isn’t GDPR compliant and let’s say Vivid Co didn’t bother to check if that was the case or not. When commission transactions are passed from Vivid Co to Pay.me, it may be the case Pay.me is recording and selling transaction data to another organization who is profiling users for targeted advertising without disclosing this practice back to Vivid Co. Pay.me sells this organization the email address of the user, transaction amount, and the transaction description of “photography purchase.” With this example, it’s quite reasonable to feel a bit creeped out that companies might do such a thing when we don’t expect or want them to.  In this variation, if a personal data incident were to occur tied to Pay.me, Vivid Co would also be punished for its relationship with Pay.me.

Personal Data as a Liability, Not Value

Just the definition of data subjects alone is enough to make businesses of all sizes and industries reel. For most, privacy is something that is reasonably respected and the collection of personal data is generally covered under Terms of Service agreements and Privacy Policies, though not always in easily understood or terse language. Until GDPR, that was largely handled on a “this is what we do or use that data for, take it or leave it – just hit ‘agree’ and you can proceed to view this website, use this application, or access this service.” While the majority of businesses collect personal data to enable useful features, such as taking your geolocation data to provide relevant weather forecasting, they also have a bad habit of taking a wholesale approach to that data. That is, it may not have a real legitimate purpose at this moment, but it may be useful later on for other reasons yet to be identified. Previously data siloing was never given much thought or worry since it mostly amounted to data that’s been placed somewhere to exist for records, but GDPR is forcing businesses to see holding onto too much personal data without legitimate reason or consent as a liability rather than a potential value.

As we discuss how data is potentially used within any given system, we naturally form a spectrum of what’s fair and reasonable to collect, store, and process relative to the data subject’s ownership of the personal data and their rights. In most cases, the personal data needed to reliably use an application or service is essential – GDPR recognizes this use of personal data as a legitimate interest. Legitimate interest can also extend to other legal and regulatory obligations relative to the individual company, such as maintaining complete records for periodic required audits. However, it’s possible to think oneself into the extreme end of personal data ownership and rights deferring control to the data subject. Take for example a business that regularly ships products to customers across the world. Such a business with no data privacy expertise might worry about how they may reliably ship products to customers who refuse to allow them to know, use, or save the relevant personal data such as shipping address and recipient name. In this case, not being aware of the legitimate interest basis for collecting and processing personal data in GDPR can potentially lead to the misconception end users can unilaterally exercise absolute ownership and right to personal data while the company still bears the burden of delivery of services that have become impossible to provide. For such businesses, it’s the sudden and unfounded belief that personal data can no longer be collected and processed that may mistakenly cause the perception of personal data as a liability when very little may change in actual practice.

How Your Online Experience and the World May Change

If GDPR is forcing businesses to take personal privacy seriously, what’s changing for us when accessing their services, sites, and applications? GDPR’s core tenet to personal data is transparent informed consent. What this looks like in practice can vary wildly by the business/application, but generally includes one or more of the following things you may experience:

• If personal data is collected, processed, and potentially shared; the end user must be informed of this intent in plain language and given the choice to accept the terms and opt in at the time of data collection.
• Personal data collection opt in cannot be blanketed and must designate what personal data is being requested for collection and processing at the time of collection or processing.
• Opting out of personal data collection and processing should not prevent the end user from reasonably using or accessing the content/application unless the personal data in question is fundamental to reliably using or accessing the content/application…though you may see more privacy policy, terms of service, and cookie use popups when accessing a site or service for the first time or from a new device.
• End users can exercise various rights related to their personal data that is collected and processed, but not all invocations of those rights need to be accommodated based on a limited set of circumstances.
• Changes to how you can be contacted for marketing purposes both through direct marketing and cold calling.
• Changes to advertising behavior – particularly to targeted advertising and tracking cookies. Expect to see more randomized ads that don’t seem to somehow know about things you like.
• Less “unsubscribe” or “forget my preferences” options and more “I consent to the collection of X” for things like mailing lists, personal preference features, social networks, and social integrations like comment sections. Choosing not to re-opt in for mailing lists may cut down on your clutter of forums, sites, and news you no longer care to read or stay informed about.
• Businesses that utilize third parties for services (such as AWS or Google Cloud for storage) are required to assess GDPR compliance of the third parties or they can be punished with the third party provider for an incident occurring on the third party. This generally means better secured personal data that’s shared between multiple entities.
• Some services and applications simply shuttering up and closing down out of fear of punitive fines if an incident occurs.
• Services and applications shifting toward to subscription only or paywalled premium content to offset lost revenue from advertising.
• Services and applications that are inherently not for profit shifting to a crowdsourced donation model to offset lost operating revenues from advertising.
• Businesses changing vendors for productivity tools due to current vendor’s non-compliance with GDPR.

Of course, when I say “you” it presumes you are a data subject to whom the law applies. While this is true and GDPR is focused strictly on EU residents’ personal data, we cannot ignore the fact we live in an incredibly interconnected world. For example, many organizations may use Atlassian Confluence, Jira, or BitBucket. Atlassian is an Australia-based company and the listed products have customers worldwide on both a business and personal basis. Many people and businesses use Amazon for shopping, which is US-based but the customers are global. More so than ever before, it’s simple for a business to have as many foreign customers as domestic. This fact has caused many businesses to conclude applying GDPR compliance to all users is the safest path forward rather than attempting to segregate EU customers and users specifically and have a completely different operating procedure – especially given the possibility other nations may adopt similar regulation to GDPR in the reasonable future.

As non-EU residents, we can enjoy many of the fringe benefits of having easier to read, straightforward privacy policies, having the ability to potentially port our account information from one service provider to another, and being able to view, verify, and correct on-record data. In our humble view, the rest of the world is erring toward reclaiming privacy rights in light of the numerous data breaches and privacy scandals that have occurred in even the last 2 years. Incidents such as the Facebook/Cambridge Analytica scandal, Equifax’s massive data breach, and Twitter’s own “we accidentally stored passwords in plaintext briefly” gaffe come to mind very quickly. Each of these incidents affected millions of individuals in non-trivial ways costing the respective organizations resources to address, revenue loss, and loss of trust and favor of the established brand.

But what could the price as of May 25th be for such incidents? Possibly a fine of up to 20 million EUR or 4% of global turnover (revenue), whichever is greater plus potential additional penalties based on factors such as whether or not the incident occurred as a result of willful ignorance or gross negligence as well as how cooperative the company or companies in question are in investigation and remediation. So if we use Facebook as an example and pretend the Cambridge Analytica scandal occurred on May 26th, Facebook could have seen a fine of about 1.6 billion EUR. GDPR carries a potential punitive aspect to make it compelling to not view the risk of noncompliance as a sound decision regardless of size or success of the company in question.

Certainly, the price of an incident or breach with GDPR looming over the horizon is terrifying to just about any business, but perhaps more so than the knowledge of how much an incident could cost a business, it’s the fear of not knowing whether compliance efforts are satisfactory. Larger enterprises and corporations and businesses operating in certain markets and sectors expect security compliances such as NIST, HIPAA, and PCI. These compliances are always a moving target as circumstances and standards change in time. GDPR compliance is very similar, but an initial enforcement date with no precedents of the law in practice have left many anxious as to whether their efforts are really robust or as effective as installing brakes on a race car without having tested them prior to the race. Without precedent that helps define correct interpretation, many are simply uncertain how well their efforts will stand up in the event of an incident. This anxiety isn’t helped either given the many different and often unique ways companies develop their operations and services practices. Finally, for small businesses that would normally not need to concern itself with compliance, GDPR comes as a very big looming challenge many are unsure they can surmount.

Fortunately, the Information Commissioner’s Office (ICO) has released a draft outlining their action policy, which indicates levying fines or sanctions against a business is considered a last resort. More often than not, the ICO appears to want to advise and help correct operations that do not meet compliance where there is not clear willful negligence or gross misconduct. However, this does not mean businesses can simply procrastinate adapting operations expecting a tap on the wrist or hoping the excuse of organization size and relative lack of in-house expertise (or the ability to afford it) will allow them to duck under the radar.

While these potential changes generally mean good things, there are some aspects of the future that are further complicated. Advanced biometrics is one field that may see new challenges arise in regard to privacy as biological data is used to authenticate a user on the basis it is unique to yourself. Your smartphone might have a fingerprint sensor that lets you unlock the device without inputting a PIN or drawing a pattern. However, in order for that feature to work, your fingerprint must be stored and then referenced when the sensor is used. The same premise holds true for devices that authenticate using your face. Neural networks, deep learning, machine learning, and artificial intelligence are other areas where data privacy and identification can become a concern – perhaps even controversial life or death matters.  These advanced computing topics and techniques “teach” systems by providing training samples to then evaluate, identify, remember, and/or relate. An example of this is voice recognition. Advanced voice recognition generally works by getting a clear sample of your voice which is analyzed and stored to be identified correctly so only the authorized individual(s) may issue commands. When a microphone is used for audio interfacing, the system listens and evaluates the voice (or voices) being picked up and attempts to identify you – potentially from within a group of people talking at once or in a crowded area with a lot of ambient murmur.  This also helps protect against annoying but inane issues of a friend shouting “Hey, Siri!” followed by something inappropriate. Voice recognition is already somewhat of a hot topic in personal privacy as not everyone is comfortable with a running history of searches and commands made to in-home and mobile assistants like Alexa, Siri, Cortana, and Google being stored  and processed in the internet. Not to mention the potential risks of having a device that’s nearly always listening that fosters the reasonable paranoia of not fully knowing you have privacy anywhere such “listening” devices are located that may see remote exploits similar to baby monitors or collection of speech data unaware to the owner.

Your Data, Privacy, and NocTel

If you’re reading this, you’re likely a NocTel customer or user or even someone nominally interested in GDPR. Naturally you may be wondering what NocTel is doing to protect and respect personal data and privacy.

GDPR and the question of compliance has been something we’ve had to give deep thought to even though the vast majority of our customers are not located in the EU or regularly interface with EU residents. NocTel’s services are strictly limited to businesses and organizations, so we do not have the risk associated with collecting large amounts of personal data or any good reason to process it for purposes not associated with feature delivery. While it looks like there is still quite a bit of personal data that’s collected, it’s all necessary for NocTel’s functionality to work reliably and to improve account management for administrators. In most cases NocTel acts as a Data Processor for our customers. The “end users” are often staff of our customer organizations, which makes the customer organizations themselves Data Controllers relative to their own staff and to the individuals and organizations being contacted through their NocTel VoIP phone system or NocTel Flow contact center.

In the spirit of respecting personal data and privacy, NocTel is committed to making the following changes and making  available numerous resources for learning as well as keeping you informed whenever things change:

• We’ve updated our Privacy Policy to clearly and plainly state what personal data NocTel collects, processes, and with whom that data is shared with and on what basis, if any.
• Our Terms of Service has been updated to reflect changes in Privacy Policy.
• A GDPR primer reference on our online knowledge base to help learn and understand terms and interpretations of GDPR law and how it relates to NocTel’s handling of your data.
• Blog entries like this one to provide disclosure, explanation, and evoke discussion.
• Personal data collection, processing, and storage template form for existing and prospective customer organizations to provide transparency on what personal data NocTel collects and processes as a VoIP service provider in the role of Data Processor, which can be requested from NocTel by emailing support@noctel.com.
• One-time notification of requirement to opt-in for receipt of communications from NocTel. Non-response is treated as a decision to opt out.
• Re-consent for NocTel’s newsletter mailing list.

While all of these things may not be fully implemented by May 25th and that list may grow in time as the world rethinks how personal data should be handled appropriately, we want you to know we cherish the trust placed in NocTel and our employees to always do the right thing in regard to your personal data. As always, we welcome your questions, comments, and concerns – just drop us a line and we’ll get back to you.

In this final article we’ll evaluate some methods of reducing attrition that borrow from some of the many gamification concepts described in the previous article here with varying degrees of effort to implement.

Show Appreciation

Either surprisingly or unsurprisingly, employees are pleased when they are recognized or praised by their supervisors. While this doesn’t have to be an everyday occurrence, it goes a surprisingly long way but requires you pay attention to your employees. Is a particular employee having a difficult time grasping some aspect of the work? Encourage them as they struggle with it and do so again when you see they’ve progressed beyond it. Did something unexpected occur during operating hours? Did someone step up and do more when the floodgates opened? Pull them aside and let them know you appreciate them going further than they would on a normal day.

The surprising aspect of workplace relationships is there are still a surprising number of “boss-employee” basis relationships. While one may take marching orders from the other, it doesn’t mean interpersonal connection cannot occur. Rather, the lack of the interpersonal connection denies the growth of trust and loyalty between the employee and supervisor, and can extend further up to loyalty to the organization itself. We’ve been known at NocTel to leave “presents” for each other after particularly rough stints. I’ve come in to find something “nice” (whiskey!) on my desk and likewise have been known to leave something “nice” (wine, sake, snacks) for Cory when he’s been running around.

Give Rewards for Above and Beyond Service

While a definite appeal to those who are motivated by rewards, getting something nice from a supervisor is also a form of appreciation. However, this can be a somewhat slippery slope as doing this can form expectations that are not formalized such as rewarding a particular employee who spends more time working after hours than his peers leading to everyone working the same hours as the employee who was rewarded. The supervisor may be thrilled to see this shift in productivity, but not recognize the employees have the expectation they will be rewarded. If left unreciprocated, employee sentiment toward work and the supervisor can sour causing a potential inversion of intended results.

It isn’t recommended to do this very often as the cost to meet employee expectations to maintain a new de facto status quo is more costly than lower productivity.

Skills-based Compensation

One strategy that companies can offer to motivate employees is to implement a skills-based compensation strategy, which bridges the divide between intangible rewards and tangible rewards. That is, provide a way for agents to become trained or more proficient in different skills and tie a benefit such as higher compensation to the satisfactory fulfillment of the requirement. Such a strategy provides a plethora of benefits:

• Agents organically grow within the organization solving over time and strong implementation the issue of shortage of skills.
• Growing agent skills within the organization serves as a personal way of tracking progress to address the need for setting and achieving goals – the potential to grow an agent from a trainee to a subject matter expert (SME) is actually quite an impressive feat.
• More skilled agents that stay with the organization longer reduce time and financial costs associated with exiting and hiring/training new agents.
• Agents with particular skill sets have the potential to become mentors or instructors to other agents, which can in turn be recognized by supervisors or managers creating a positive feedback loop improving contact center cohesion and morale. This also carries the benefit that skilled agents can train less skilled agents thereby reducing time and effort investments by supervisors and managers training agents.
• Having many agents with likely overlapping skill sets helps buffer the contact center from emergency hiring to address high volume periods.
• Highly skilled agents may naturally rise that can fit into semi-supervisory roles such as team leads who can assist lesser skilled agents with particularly difficult calls or customers allowing more effective management of queues. Reduction of stress and workload for supervisors and managers also creates the real potential for a positive feedback loop (e.g.: You picked up the slack for me yesterday when things got busy suddenly – I really appreciate you stepping in to do that).
• In conjunction with your contact center solution of choice, you may be able to track completion rate of agents seeking training and qualification of different skills. NocTel Flow allows for the tracking of agent skills and associated proficiencies out of box as well as through custom reporting.

While it likely requires the most effort and cost to implement, the above method fundamentally re-evaluates agents and redefines not only their value by the organization but also to the organization. It may not reduce the fast-paced and often times stressful nature of contact center work, but it does redefine the way in which agents are utilized and by extension the underlying operations of the contact center. Also be aware implementing tracking mechanisms may necessitate additional resources and systems, such as implementing an internal knowledge base requiring IT resource to set up and possibly administrate (if supervisory staff have a technical deficit to manage). Even with just an internal knowledge base, there is also the associated maintenance cost by supervisory staff to ensure content going in is accessible to agents, the content is correct, and perhaps most importantly the content is current.

Find What Suits You

To wrap up, it’s clear that employee retention can be fueled by a handful of factors but not easily addressed at once. While gamification as a means of engaging the interest and motivation of employees may seem appealing, there are certainly difficulties and considerations to be had for the numerous ways it can be implemented. As we’ve gone through various ways to address the issue of attrition, fundamentally employees appreciate knowing they’ve made a difference by others and several of the discussed possibilities tap into this (and several have put it in the backseat). If anything, we’ve reaffirmed what ages of study into the human mind and condition have told us and still trying to understand: people are fundamentally unique in character, motivation, and goals. Despite this, actually knowing the character of employees and peers can go a surprising distance in understanding what motivates them to do more and better.

Problem solving within the organization always requires effort, but happier, more productive agents reap benefits for the organization as a whole.

Whichever method or mix of elements of methods you implement, there must be an accurate feedback loop to assess where things are working well and what isn’t. Without reliable methods in which to measure the effects of whatever policies are implemented, you have no real compass to tell you if you’re truly moving in the right direction or simply going in circles. The concern for change may be strongly present due to the reasonable doubt there is no problem solving silver bullet, but you can always start small and establish practices to eventually support a larger push that is more likely to be effective and accepted at all levels. This, of course, will depend heavily upon the characters of the employees themselves and the established or perceived culture of the organization.

Through this series on employee retention focused on contact center agents it’s clear there are a great many ways to address the problem. Regardless of which methods you imagine fit your organization, its culture, and its goals; there is an associated amount of work to be done and likely maintain to set that bar higher. Remember, employee retention is an organization goal that requires a strategy and strategies are inherently long term and broad scope. You will need the interest, support, and faith at nearly all levels to achieve sustained success.

With this article, we’ll discuss the concept of gamification as a method of implementing a system to an existing one to abstract away classical metrics while appealing to the motivators that are competition, recognition, and possibly reward.

Enter Gamification

Gamification as a concept is hardly new and yet it seems to have become one of those popular contemporary buzzwords, but what is it really and how does it help with attrition? At its core gamification represents game-like elements integrated into systems that may or may not be for entertainment purposes. In other words, it’s a method to make work appear and feel less like work through the abstraction of a game. The simplest example is to tie a counter to a user account. Let’s say, for example, if Netflix implemented a counter of how many different TV series and movies you’ve watched on your profile with titles and can compare how much content you’ve viewed to other profiles on the same account or even across other accounts. Perhaps the count for watched TV Series and movies are kept separate and every 20 titles watched puts a title appellation next to your user profile name like “Movie Buff” or “TV Connoisseur” with different profile appellations for each additional 20 title increment. The benefit to Netflix for doing this is to motivate subscribers to watch more content on streaming and may also see an improvement in the number of customers who decide to rent content on DVD or Blu-Ray not available for streaming. Another possible benefit might be a “screener” privilege for users to have early access to new content added to the service, which also serves the purpose of letting the “screener” users drum up interest among their social circles.

In this example, the idea of attaching an “achievement” for consuming Netflix content on an account is a game-like mechanic. Netflix itself is not a game, but by giving subscribers a way to compare against others, possibly in a self-perceived competition, the service has become gamified subtly. While this example was very simple – in reality this could be an added content field on a Netflix profile that is tied to a very simple database query – gamification can take on a wide variety of implementations up to the point of turning aspects of a non-entertainment, non-gaming service or system into a game unto itself.

Yet another example that introduces an actual reward might be if you’re a parent you may have turned something the children dislike doing like brushing their teeth or eating vegetables into a game of sorts rewarding them for doing so. This emphasizes the reward and not their displeasure at eating those greens that might otherwise end up on the floor or given to the dog. The interesting thing with this example is we return to the basic idea of cost benefit analysis where doing something unpleasant is ultimately outweighed by the benefit doing so provides, and so we’ve appealed to the motivation for a reward or benefit to achieve a desired outcome. However, whether or not this example is a good parenting practice I’ll leave for the reader to decide, though we may generally agree dogs shouldn’t eat too much broccoli.

The Pros and Cons of Gamification

Naturally, when you modify a system or method of doing things to be a game or more game-like you are doing two things:

1. Masking motivation to work for employees as motivation to play or compete appealing to several different psychological motivators individuals possess: competitiveness, recognition, entertainment/engagement, and benefit.
2. Adding a sublayer of varying complexity to the system itself through the mechanics and implementation of the “game”. How elaborate the “game sublayer” is generally creates the relationship that the more abstracted work elements become, the more complex the implementation becomes. Refer back to the above section for a very simple example of how to turn a metric into a game with minimal change.

In doing this, you are really hinging on following:

1. The “game” or game-like implementation is engaging enough to be effective at motivating employees as a majority to better perform their duties.
2. The “game” or game-like implementation does not experience an exponentially growing curve of progress and engagement. That is, visible progress and achievement is easily obtained at the beginning of the “game,” but visible progress as time goes on becomes very sparse. In layman’s terms to ensure the distance between the horse’s mouth and the next carrot are always far enough apart to ensure the horse is willing to pull the cart far enough to get the carrot rather than losing interest in it.
3. Employees are truly motivated by imaginary achievements and milestones as a motivating goal where actual goals may or do not exist.

As all people have different motivational factors and different degrees for each, we do not recommend a single method approach be realistically expected to work as a cure-all panacea to attrition. It may significantly help, but doesn’t account for individuals who are motivated differently. If at all possible, seek ways to integrate aspects of these recommendations into each other to create a motivational system end to end.

Milestone Systems

At this point, I will be exploring different gamification methods and at a high level what they involve and accomplish. Though please note further research into the actual time effort cost for your individual situation may vary.

Achievements can be given and displayed as badges, which are also commemorative like titles.

Pure game mechanic solutions to gamification do not introduce any real-world rewards to employees, only a self-perceived valuation hinging on an explicit or implicit competitive element such as being point-based or achievement-based. For the sake of ease of reference, I call these mechanisms milestones. Milestone systems are typically implemented as a points or tracking to achievement mechanism where the points are used as progress toward something larger – hence the term milestone. Points themselves can be tied to some measurable unit of work like number of calls taken inbound, calls placed outbound, number of successful sales, etc.. The thing to note here is all of the examples listed could be lumped together as “work,” so points from doing this work are all the same “points”. On the other hand, you could implement the points to be tied to the type of work such that points earned from taking inbound calls are separate from those earned for making outbound calls. Additionally, you  can assign quantity of points or progress by the quality of work such that employees evaluate the optimal method of “playing” this game as doing the best work they can in the highest volume they can achieving quality and quantity rather than one or the other.

This opens up the possibility of having employees work toward specific or multiple milestones at once. If we loosely define the rules of the “game” such that employees recognize employees with higher levels or larger quantity of achievements have done more work, it replaces the need for an explicit leaderboard which may only tell you in traditional terms who the most active employee is, though not necessarily if they are the most effective or high quality employee. The traditional implementation of an employee leaderboard typically focuses on one or two aspects of employee performance while inadvertently undermining others.

WoW and work – two things you would normally not think related to each other in a good way.

The last component necessary for a milestone gamification system is the definition of the milestone itself. If these are “levels” whereby the points are accumulated toward further levels, you need to be careful to avoid exponential growth. That is, gaining levels early on for employees is very easy while over time it becomes extremely hard. This is a common issue with actual video games where progress early on is incredibly easy to entice players to keep playing – typically in the hopes they spend money and the money spent becomes a deterrent for them to eventually abandon the game. While not in complete alignment with gamification in a non-gaming system, the same potential holds where employees lose interest in the “game” and therefore lose motivation to perform the work to “play the game”.

Related to the concept of “levels” for a milestone gamification strategy are achievements. Levels, while easy to tell at a glance how far along or advanced someone else is compared to yourself, are often boring as it reduces the employee’s efforts to a number or title. Achievements can operate almost identically to levels, but can have very different requirements in obtaining. Steam, Reddit, and most of the prominent home console system platforms implement such a system though the name for the concept can vary (badges, achievements, trophies, etc.). The intent is to show off accomplishing something specific. The notable thing about this is you can implement milestones that actually aren’t work task related, such as having an achievement based on how long an employee has been with the organization such that it becomes a more casual “who’s who” of the workplace. Achievements have the strength they are not bound to a single counting mechanism for progress and can therefore play employees’ strengths and motivate them to be involved in other aspects of the organization. Employees may take a surprising amount of pride if they can show off they’ve been in Finance for 3 years as well as in Marketing for 2.

Sweepstakes Systems

Though easily inferred, sweepstakes systems record employee activities to ultimately win or possibly win something. The actual reward can widely vary. It might be something that is conferred to an individual or even to an entire team like a gift card for the individual or a company sponsored team lunch or activity (maybe skydiving?). Sweepstakes gamification systems tap into the motivation for a reward and much less for the recognition associated with being “the winner”.

Sometimes the pretense of possibly winning something through participation is motivation enough.

Like milestone systems, employee/team performance must be qualified in a way that defines the “rules of the game”. For example, if we determine the reward is something an individual wins for being the top, we might measure that in terms of “greatest number of X” or some other metric we consider valuable overall operations. Because we need to determine a “winner” or “winning team,” it is by extension necessary to define a term to our sweepstakes system. My recommendation is to avoid terms longer than one business quarter as the length of time becomes hard to keep motivated or paced and the winner is more the result of a few individuals being motivated and the rest not motivated.

The downside to this approach introduces problems all its own that may cause it to ultimately backfire. If you consider the case of motivating employees by rewarding the employee with the highest something, if the winner is a particularly competitive or reward-driven employee, this employee has the propensity to win multiple times thereby monopolizing the rewards. The inability to obtain a reward by anyone else can conversely demotivate them from participating such you may find productivity at the same or even lower levels than before the “game” was implemented. In this case, you are essentially spending resources to motivate a single employee at the expense of everyone else.

This can be sidestepped by combining the sweepstakes system with the milestone system by asserting “for every X, the employee gets Y” where Y might be something like an entry into a raffle drawing. This ensures that employees who are motivated have a higher probability of winning than those who are not. Supplement this with multiple prizes or prize pots and the detrimental side effects of there being a single winner consistently are mostly mitigated. In practice, this could be something like “for every 100 calls taken, the employee can enter one entry into one of three raffles of their choosing.” Of course, with this particular implementation, the issue of favoritism between employees and those administering the sweepstakes system presents a point of failure.

Affirmation Systems

While all gamification systems seek to affirm and motivate, affirmation systems are used to describe systems that combine a competitive counting mechanism found in milestone systems with a social valuation aspect. In practice this usually ends up looking very much like the like/retweet count and who liked/retweeted mechanisms of Facebook and Twitter. This plays into employee motivation in that the employee is given affirmation by supervisors and/or managers for their performance thereby validating to the employee their work is visible and appreciated. The “game” aspect of this system is freer to interpretation: is it more valuable/telling an employee has many instances of affirmation or is it more valuable depending on who gave them affirmation? Posed in this way in regard to value and scarcity, affirmation systems are really just milestone systems measured somewhat differently.

Like sweepstakes systems, affirmation systems have the pitfall that they can be vulnerable to favoritism. Not unlike actual social media platforms, this can lead to exclusion and resentment of employees and supervisors that at worst can culminate in a headache for HR. If such a system is implemented, consider having employee performance measured in some recurring time interval and then the respective affirmation giving employees/supervisors recognize some top performers across different categories to maintain impartialness.

1UP  Systems

Coined from beloved platforming games of yore, 1up systems typically do integrate an actual game to the system with work activities providing employees the ability to “play” the game in some defined capacity. While not necessarily measured in terms of “for every 100 calls the employee takes, the employee can play this game once,” 1up systems can implement the concept of a game currency not unlike social media games like Farmville where currencies are used to purchase crops, decorations, etc. for the player’s farm. In this way, whatever merit/work-based “currency” the employee accrues can be used in whatever manner they deem satisfactory.

More so than any other gamification system 1up systems integrate the motivating factors of entertainment. Given this, such systems have all the perils of gaming obsession such that the employee is more concerned with playing the game than being aware of work. The core intent of gamification is to abstract aspects of work to not appear or feel like work, not to make work literally into a game unto itself.

Implementation of 1up systems require careful consideration and monitoring. This is especially true given the initial implementation may greatly improve one aspect of productivity and quality at the expense of another. Remediating this undesirable side-effect may be difficult if the “game” isn’t flexible enough to accommodate the change in business objectives.

Gamify Within Reason

Remember, the objective is to abstract work through game mechanisms, not to turn work into a game.

You may have noticed each of the varieties of gamification discussed above tends to get more and more complex. While engagement is desirable, there is a threshold at which a gamified system becomes too much a game in of itself and less a system for work and productivity. At the same time, the more such a system becomes a game more effort must be invested to implement the game depending on how in-depth it is.

If you decide a gamification approach is viable, I invite you to carefully consider the following:

• Work to Game Integration – how much and how deeply are a game or game elements going to be built in  alongside the actual work system?
• Employee Engagement Lifetime – how long do you envision the “game” being effective at maintain employee interest to stay motivated? What do you anticipate to happen beyond the engagement lifetime of the implementation? Do you find new ways to add “content” to the game or anticipate most employees to have moved on anyway by or after the engagement lifetime?
• Effort/Cost to Implement to Effectiveness ROI – You get to do your own cost benefit analysis! Is the cost of a service that integrates gamification elements to a workflow worth the subscription cost? Is it worth it to spin a few developers off to build your own gamification system? Can you provide proof the implementation is effective at reducing attrition?

More to Come

At this point you may be either thoroughly intrigued with the notion of gamification to address employee motivation problems to curb attrition or find the entire idea of turning work into a game ludicrous. While this might seem overwhelming remember you can start small! It doesn’t even need to be an integrated system, it could be something fairly crude like using a poster with employees’ names with stickers.

By the end of this series I hope you’ll have come across ideas on how to keep employees around longer and improving their satisfaction/morale as well as have given thought on what might work well or not so well for your own organization.

But why hide it or let it be? Why not seek ways to address the issue of attrition in contact centers?

At NocTel we dove into the underlying reasons and compared notes to conclude some of the lessons we learned are both surprising and not so surprising. This article shares our findings and suggestions to address the problem of attrition from a contact center-centric perspective, though much of what we found has varying degrees of commonality with other occupations and industries.

Motivating Factor

Humans are not too much different from other intelligent, self-aware creatures. We pursue things that make us feel safe, happy, or accomplished while avoiding altogether or minimizing exposure to situations that harm us, are detrimental, or otherwise unpleasant. For ages we have been keenly interested in what motivates people to do what they do and don’t. For some, it’s romanticizing the prospect of fame and fortune. For others, something simpler like making others happy makes them content. Yet others are motivated by the drive for superiority or to have what they currently don’t.

For contact center agents, attrition is largely stemmed from the basic evaluation of cost benefit, which is the analysis we typically use for things in life big and small. Should I buy this expensive car even if I can’t afford the monthly payment or insurance? Should I risk eating pizza and having a really awful time later when I don’t have any lactase pills on hand? Should I invest in this particular company’s stock after becoming aware of a major scandal? Should I plan my own wedding to save on costs knowing it will take more time and effort on my part? For each of these examples there is an implicit analysis: to do X or not to do X in order to gain Y or not have Z happen. What are the benefits associated with either deciding to do/pursue X or not? What risks are there associated with these options? Unsurprisingly, often times the benefit associated with doing or abstaining is the avoidance of a negative outcome. The word “benefit” carries a positive meaning we often interpret as gaining something or being better off because of it. However, when you consider consequences, the benefit itself doesn’t have to leave you better off – it could be beneficial to avoid being worse off. Such is the case of clearing gutters and ditches before a rainy seasons comes. It may not be particularly enjoyable, but the benefit to doing so is the avoidance of flooding around the house and property. Doing this chore didn’t make your home and property better off, but it did prevent it from likely being worse off.

Maslow’s Hierarchy of Needs is typically depicted as a pyramid with each level denoting how fundamental the need is to survival and eventually self-fulfillment/contentness.

In regard to contact center agents in particular, this analysis plays into Maslow’s Hierarchy of Needs. The motivation put into work at a contact center – or any occupation, really – often hits a peak at which monetary compensation and benefits become moot turning the focus on other aspects of the work and environment. Forbes’ article on primary causes of attrition makes particular note that while most people have a price, meeting or exceeding monetary compensation isn’t always a surefire method of improving retention rates long term.

What contact center agents often find lacking from the job in regard to motivation to stick around is recognition and belonging while being aware there is a presumed ceiling on compensation. Recognition and belonging fall squarely into two of the tiers of the pyramid formed in Maslow’s Hierarchy of Needs, and a quick study of this pyramid lays human needs from bottom to top in order of necessities to survive leading to things that make us feel content with ourselves, others, and the world. Provided agents are not in dire straits such that their priorities necessitate focus on housing and basic living expenses, the higher tiers of Maslow’s pyramid become more important despite being considered less integral to survival. In other words, agents don’t feel like their daily efforts amount to anything when it becomes monotonous with no feeling of accomplishment or appreciation leaving predominantly negatives associated with keeping things as they are. However, it should be noted that if any layer of Maslow’s pyramid are not met, it will cause dissatisfaction that undermines the importance of the other layers. For example, an employee that is generally happy at work may become disenchanted as they find the cost of living is rising while compensation is not. This jeopardizes the fulfillment of the very base level of Maslow’s pyramid causing the more abstract upper layers to become destabilized as the employee out of necessity frets over how to make ends meet.

With a lack of perception that one’s efforts are producing anything observable or being recognized, occupations such as contact center agent and even IT help desk quickly lead to burnout as the workload on a daily basis has a propensity to grow or experience “flare ups” in volume. Couple this with the fact in many instances, contact centers exist to address customer problems. More often than being complimented by a supervisor or customer, such individuals find themselves on the receiving end of criticism intended for the company or being ostracized for the agent, typically out of company policy, not meeting the customer’s demands. One cannot ignore the taxing effect on the psyche this has on a daily basis and the negative feedback loop this creates for the agent. Where one is not recognized for their efforts or ordeals, one does not foster loyalty as the employees do not feel actualized in their efforts and roles. This demoralization is only exacerbated when the feedback received in their duties through customers may more often than not be negative.

Naturally, over time the cost benefit analysis boils down to “If I can find similar wages for employment elsewhere where I am more effective, making a difference, and overall feel better about what I do why should I stay here?” That is, the question of going or staying actually views the absence of the stress, lack of motivation, and workload as a benefit rather than an associated risk or cost for some other benefit – namely the benefits of recognition and belonging. As described by this article noting Carver, Scheier, and Higgins; it’s entirely possible to evaluate the distance away from the undesirable (anti-goals) as being a benefit unto itself when speaking relatively of goals and circumstances today. This loops back to our earlier example about clearing the gutters and ditches in preparation for the rainy season. While you could certainly do nothing about it or take your chances, inaction makes the prospect of flooding (the anti-goal) more of a certainty than if put the effort in to avoid it.

Different Folks, Different Strokes

Not everyone is motivated by the same thing. Sometimes it’s money, sometimes it’s feeling valued.

While Maslow’s Hierarchy does a good job describing most people, it doesn’t explain everyone. As such, there will be employees who are motivated more readily at the prospect of tangible rewards or recognition that has a tangible reward associated with it. For such employees, a $5 gift card to someplace like Starbucks or an entry per “kudos” to a monthly or quarterly raffle can be more motivating than being appreciated or recognized with words and praise. While it may seem rude to most of us, such individuals may truly think “words complimenting me aren’t visible proof I’m appreciated” and receiving personal or public praise may be valued equally as simply not being praised or being chastised with no actual punishment involved.

Of course, there are certain challenges associated with such motivation strategies. In particular, it necessitates accurate tracking of employee progress, rate at which employees are rewarded, and the honesty of employees at all levels such that the path to the reward isn’t artificially more difficult or easy. The only thing worse than not addressing attrition is unreliably measuring its effectiveness, which if the measures by which a policy change are faulty then the entire premise can end up going out the window or at the very least coming under careful scrutiny in the future when policies are implemented.

The above sections suggest we can appeal to employees by assisting them in finding accomplishment and satisfaction in their role while defining a benefit. Future articles in this series will be examining methods of how you could implement systems and policies to improve the image of the workplace, employees’ place and visibility in the workplace, reduce attrition, and monitor if your changes have been effective.

Acknowledging the Problem

Make sure the problem is acknowledged at all levels to ensure the goal is well-defined and the efforts to get there are supported.

Of course, “acknowledging the problem” means it’s there, right? Not exactly. Acknowledging the problem of attrition as an issue with the serious intent of improving requires levels of authority within the organization share the concern and are ready to listen and make changes. This isn’t always easy and at higher levels of management the disconnect between business performance metrics and the employees can occur. Not necessarily out of malice or apathy, but out of simply not being connected or aware.

Therefore you, as someone in the spectrum between an agent and management, need to consider how to effectively appeal for the better to both sides, which is admittedly not the easiest thing to do. Regardless of where in the organization you, dear reader, are located, the next step beyond acknowledging the problem of attrition is to gather unabashed opinion from as many individuals as you can. Be prepared to be surprised or swallow some uncomfortable realities and discern if the thoughts being relayed to you are earnest or self-perceived. Look for commonalities, press individuals for specificity of what displeases them or they wish to see, and also determine what degree of drift exists at all levels involved.

How easily it is to start this discovery and information gathering process is relative to your own organization. If employees feel as though their opinions really don’t matter and they are simply to abide by policy, they may presume their honest opinions will end up in the trash anyway wasting their time. Conversely, if employees have some degree of trust in supervisors, they may more readily share their thoughts but have the expectation it will likely not amount to anything (accept their challenge and prove them wrong!). This may not be an easy task, but it is necessary to better understand the court you’re playing in and can visibly affect what options for implementation are both reasonable and feasible. After all, if your only measure of the problem is your own perspective how can you be certain your solution will truly be effective?

In our next article on attrition, we’ll explore some methods your organization can implement to make a difference.

What is Flow?

NocTel Flow is a fully featured cloud-hosted contact center solution that integrates with NocTel’s hosted voice services. Since we developed Flow leveraging many of the features found in NocTel’s voice platform, the best results leverage NocTel for the underlying voice service with Flow as the contact center software as a service (SaaS).

Like NocTel, Flow was implemented to be agnostic of pricing tiers and the same customer focused analysis with NocTel voice service is present with Flow. We’ll work with you to ensure we meet your requirements and much less a matter of your requirements conforming to our feature set.

To avoid confusion, Flow is a separate service that integrates with NocTel voice services. That is, if you are an existing NocTel customer, Flow wouldn’t be available by extension – we’d need to work with you to setup a contact center solution that possibly uses NocTel voice services in a separate contract (the voice services supporting Flow) in addition to the agent volume and associated costs for Flow. While Flow services can be added on to an existing NocTel account, it isn’t recommended as contact centers are often in a separate business unit of organizations and therefore a separate operating budget or project budget from core organization voice services.

Why Contact Centers and Why Now?

During the time spent researching ways to grow NocTel, we had considered contact centers as viable on the basis they heavily rely on large volumes of agents handling large volumes of calls. That much seemed obvious. What we didn’t know initially was how much different contact centers were from how businesses use their lines on a normal basis or what that difference looked like under the hood of things. We were pleasantly surprised to find how much of NocTel’s voice platform could be easily adapted to handle contact center functions.

While contact centers and business voice services might seem quite different, there is actually a significant amount the two have in common. Features we developed for Flow are making their way to NocTel VoIP customers because it made sense to implement that way. So by simply going with the Flow, existing NocTel customers will also see new features and improvements (and more low hanging puns).

From what we’ve learned getting into the thick of contact centers, we’ve found other possibilities for NocTel to grow that lets us really emphasize the Communications in NocTel Communications. We’re excited to the point we’ve filled several whiteboards worth of ideas for uses, integrations, and products several times over. As our products and operations continue to mature and become more diverse, we can provide an even better level of dedication to you for future services while maintaining our ease of accessibility, billing, and use that has allowed us to continue being your services provider of choice.

Where to Learn More About Flow

To learn more about Flow see its Features page. If you have interest in Flow or want more information regarding deployment, demonstration, etc. let us know at sales@noctel.com.

Like NocTel, we also have a dedicated public knowledge base covering the range of topics from basic setup, use, and how-to articles. Also keep an eye out on our blog and newsletters for more Flow and contact center related content.

Dial plans are a core part of any telephone system regardless if it’s landline or VoIP. At its most basic, a dial plan establishes the valid sequences of digits dialed for both those placing calls and those receiving calls. In the context of digital telephone systems and networks as well as VoIP, dial plans also include the parsing and logical routing for both numbers dialed, special inputs like needing to press a specific digit in order to call outside the office, and automated menu prompts. When calls are placed or received, it is the dial plan that analyzes the number dialed and makes sense of what to do with it exactly. What it “does” varies from removing digits and modifying them based on patterns and rules.

The dial plan is also what makes sense of any digits input at an auto attendant menu. It might not seem so obvious, but for each valid input there is a distinct routing action and for each invalid input nothing unexpected occurs – typically a response that the input is incorrect. For example, if your auto attendant menu prompts the caller “press 1 for billing, 2 for support, and 3 if you’d like to speak to a representative. Alternatively, if you know the direct extension of the person you are trying to reach you may input it now” then pressing 1, 2, or 3 are interpreted to route the call to the appropriate department. Our example auto attendant menu also allows for direct extensions, which would recognize the caller providing 3 or 4 digits rather than a 1, 2, or 3 – the logic even accounts for the circumstance someone in the company has an extension numbered 123.

What’s being touched upon in the above are practical examples of “patterns” defined in the dial plan to achieve a desired routing behavior. Without the dial plan implemented to make sense of these various patterns, there would be no reliable behavior and the system to place calls and interact with menus would be terribly rigid and ineffective. So a bit of complexity goes a long way to enabling behaviors that are generally accepted as just part of the phone system and expected to work  (but now we all know better than that, right?).

With this high level understanding in tow, it becomes obvious the dial plan is something to be mindful of when subscribing to telephone service for your organization – even more so if the organization spans multiple buildings, states, or even countries. While you may never need to develop the underlying logic of a dial plan, you do have a measure of control over what inputs get fed into it and the expected behavior. The goal of an effective dial plan for any organization is to prevent confusion and frustration for those within the organization reaching those outside and across the organization as well as those trying to reach individuals and departments from the outside. Without an effective dial plan, extensions and numbers for your organization are just a mixed bag of numbers and a lot of notes reminding callers what to dial to reach a specific individual or department.

NocTel offers the following recommendations when considering dial plan design for organizations:

Use Distinct Extension Numbers to Act as the “Face” of the Organization or Departments

This means the organization as a whole should be blanketed under a base number like +1-555-555-xxxx or several distinct sequence extension numbers. With multiple locations one office’s main line might be +1-555-555-1000 while another’s is +1-555-555-2000. The idea here is to give outside callers a simple, consistent way of reaching a main office line or department.

Setting aside a 3 digit series for extensions within the x000 range from 1000 to 1999 and 2000 to 2999 in the example above, typically gives enough breathing room internally for further granularity. This would be something like ext 1000 is main office for location, ext 1100-1199 for first floor and ext 1900-1999 facilities or on-call response personnel. However, what ranges and subdivisions that are most effective varies with each organization.

Use Auto Attendant Menus to Help Guide Callers Appropriately

Often times outside callers to your organization do not know a specific individual’s direct extension or even fully sure of which department they’re trying to reach. Worse, if an employee is still with the company but has shifted roles or location, their extension number and possibly desk phone number may have changed. Auto attendant menus with NocTel allow the same digit prompt style along with the ability for callers to specify an individual’s direct extension so secretaries and other front line staff do not need to act as operators for calls coming in. NocTel’s auto attendant menus also allow spoken directory lookup for departments and even specific staff. Couple an auto attendant menu with the company directory through LDAP/Active Directory ensures that the most current information for reaching employees needs to only be maintained in one place.

The benefits of thoughtfulness with auto attendant menus are that callers can be directed appropriately without needing to hang up and call into a different number or the caller reaching the wrong department only to be transferred…potentially multiple times. For example, if the organization has multiple buildings and someone calls the main line of the wrong building, then  the auto-attendant menu for the other building (the one the caller is trying to reach) may include an option for the other building which redirects the call appropriately meaning a caller who dials into the wrong building can reach where they need to just as well as the caller who dials the right building. Alternatively, if the auto attendant menu used NocTel’s spoken directory lookup, the caller could say “NocTel Portland Office” and be directed correctly – this even works for specific individuals within the organization!

Plan Your Extension Needs for the Reasonable Future

Following the above recommendation, if your organization has a good idea how many employees and departments need extensions your dial plan should account reasonable future use and need. Today your organization might be alright with 3 digit extensions, though within the next 12 months due to large growth or organizational changes, it may necessitate using 4 digit extensions instead. For staff in organization technical support roles, it’s much easier to keep things tidy than provision whatever extension number happens to be free. 

While impacts to dialing plan usually occur shifting extension length from 3 to 4 or vice versa, NocTel’s support engineers are always available to consult the impact of changes and assist in minimizing disruption to the organization’s ability to place and receive calls. It’s a good practice for the technical services staff to identify the horizons of the organization to plan expansion or retraction into the foreseeable future.

Use Groups of Extension Numbers for Organization

Regardless if your organization is a large one with multiple locations and thousands of employees or a smaller shop with distinct departments, it’s always a good idea to plan groups of extension numbers for certain use.

For example, placing all technical staff extensions within a certain extension range or for schools placing all teachers in a specific range. For the latter, this could work even across buildings such as having the teachers on extension x20 through x70 where x differentiates the school building through the hundreds digit. That is, teachers in building A are extensions 120 through 170, those in building B are 220 through 270, etc.. The human brain is a pattern seeking thing – take advantage of it!

In larger organizations this may require looser groupings as employees enter and leave the company causing extensions provisioned and available to fluctuate. NocTel’s extension management makes it easy to default or re-provision extensions as staff changes over time whether it’s to accommodate a few employees entering or leaving or many. However, the framework for what extension ranges belong to what within the organization need to be defined and faithfully put into practice to be effective.

Be Aware of Restricted or Special Use Extensions Within the Organization

While extensions extensions are generally available across the organization, there may be special extensions that are reserved for specific routing behaviors or are restricted to avoid dialing conflicts. The most typical side effect is using a 9 to dial out and the inevitable occurrence someone accidentally dials 911.

Avoid Using 9 to Dial Out

Odds are you have worked at an organization that used a 9 to dial out of the organization leading to some mistaken emergency calls and possibly a couple nastygrams from the office manager advising everyone to be careful. If there are alternatives to using 9 to dial out that are not reserved or otherwise unavailable, NocTel strongly recommends using it.

While the above are general practices to improve the behavior of your dial plan and make it more flexible to changes in the organization, it is by no means comprehensive. Work with your provider, which may be NocTel, to ensure the dial plan accomplishes everything you need it to while mitigating design and operational difficulties. Customers of NocTel typically work with engineers to identify the most effective dial plan for the organization while retaining it is by no means set in stone – we understand things change. 

Homer does largely for SIP packet capture via Sipgrep (and other like applications) what Kibana does for Elasticsearch and Logstash – it provides a place to:

• Access singularly to retrieve SIP captures via Web UI
• Centrally store SIP capture data across many hosts
• More intuitively filter SIP capture data and correlate the data to the dialog/transactions each request/response is part of (this is immensely useful!)
• Gracefully age dated capture data you don’t want to persist for very long (though persisting longer term can be configured very easily)
• Charts! Oh glorious charts!

Core Components

The whole of Homer will depend on the following components, some of which may require some manual configuration depending on your operating system and environment. I will not cover the configuration for each component, but the quick install script in the section below will get a base working configuration going for you:

• Kamailio
• Apache (httpd)
• Elasticsearch
• mySQL (or similar)

Deployment

I’ll be frank here: Homer is not easy to deploy manually, and it really gave me a whipping when I attempted it roughly half a year ago on a CentOS 6.8 host. That said, if you happen to be using a host that isn’t Debian 8 or CentOS 7 you can take a whirl at it based on the instructions found here.

If you happened to gander at that page, the obvious path of least resistance is to stand up a fresh CentOS 7 or Debian 8 host and simply use their installer script. Do be aware you will want this host to be absolutely fresh – don’t even bother running updates on it until after you’ve successfully installed and configured Homer (to be even safer, you might want to back this host up either as a snapshot or proper backup in case updates after installation break something).

The installation script instructions are fairly straightforward, but some of the nuanced points I didn’t immediately pick up were:

-rotation.ini is a very important file and therein contains your DB credentials for Homer (which is actually used by Kamailio – the credentials in /etc/kamailio.cfg need to match those in rotation.ini) as well as connection information (such as using a socket for DB connection) and rotation threshold settings.

-sipcapture.crontab – you’ll probably want to just adapt this to a job in /etc/crontab rather than have it hanging out as an isolated job.

-configuration.php, which will usually be under /var/www/html/ or wherever you placed the Web UI for Homer. This also needs to be in agreement with the contents of rotation.ini and where you control whether Homer only attempts to and exposes the localhost for SIP capture querying or if it can attempt to query other nodes that contain SIP capture data. This is where you’d turn to if you happened to forget the DB root credentials (and also a very good reason to limit permissions and ownership of this file in particular). More on this a bit later.

Aside from the above and what the install script handles, the only additional legwork required is to allow UDP 9060 or 9061 – as a best practice limit this to an internal IP range or as a series of specific addresses you know will be forwarding SIP capture data to Homer.

A Quick Word on Distributed Topologies

If you peered into configuration.php you’ll have noticed a define(‘SINGLE_NODE’, 1) statement. Flipping this to 0 and restarting httpd will allow a Homer instance you connect to via web UI to query other Homer instances the connecting instance is made aware of. Do note that this is not meshing nor is it replication – each Homer instance can only be queried for SIP capture data it locally contains. This becomes very obvious given the web UI requires you to manually “register” other nodes (or you can insert the instances into the DB directly).

Should you choose to do something like this, you will need to either acknowledge or accept there is no replication provided. It’s also recommended that you choose only one or two Homer instances to be accessed via web UI as a security precaution.

Getting Capture Data to Homer

Homer with no data doesn’t yield us a very useful tool! So we need a tool that can capture SIP requests/responses – in NocTel’s case, VoIP servers or SIP Proxies are the ideal hosts for the capture tool; of which we prefer Sipgrep. Depending on your operating system variant, additional packages may need to be installed as prerequisite of Sipgrep.

Once Sipgrep is installed, it’s very easy to get running and shipping capture data off to Homer: sipgrep -H udp:homer_ip:homer_port

Where homer_ip is the IP of the Homer host and homer_port the UDP port Homer is set to use (this is found in the /etc/kamailio/kamailio.cfg file as #!substdef “!HOMER_LISTEN_PORT!9060!g”). Aside from this, the obvious bit of configuration is ensuring the host Homer is on allows UDP 9060 (9061 can also be used, but this requires changes elsewhere like kamailio.cfg).

If not given the flag for a discrete duration to run, Sipgrep will run indefinitely and must be terminated with a ctrl + c sequence. When run as above, Sipgrep will not save any capture data locally, so do be aware you will need to provide the proper flag and argument to save locally. However, when actually digging through dialogs in troubleshooting/debugging, the dialog chart view includes several export options to save the dialog off. Given this, you may find there is hardly any need to locally store Sipgrep captures on the local host.

What capturing application you use isn’t terribly constricted, but it should be able to forward off what it captures to a remote host.

Filtering Captured Data

Homer has a very obvious Search functionality where you can build in a semi-graphical manner the equivalent to a Wireshark filter. For basic terminology, the To and From “User” fields correspond typically to the phone number and Source/Destination Host are roughly equivalent to IP Address. Terminology may vary slightly between tools relating to SIP, such as calling the Source/Destination Host the Domain, which is what Kamailio uses when creating routing configurations.

Like Wireshark, your initial search results may be…quite numerous. However, SIP is nifty in that every packet has a CallID value which ties it into a specific dialog between source and destination. You might notice the CallID value in the table has the appearance of a hyperlink – clicking it will bring up a dialog chart view showing the exact flow of requests and responses for that particular CallID dialog. With this in mind, you can select any single packet’s CallID from the Search result table and it will construct the dialog for you. Further, from the dialog chart view you can select any of the request/responses to see the contents of the packet. This altogether makes sleuthing through what’s happening quite easy.

Viewing and Filtering

Off the bat, the most immediately useful view within Homer is the grouping of dialogs and transactions such that you can see everything that occurred in a given call by selecting the CallID column for returned activity which switches to a flow chart view of the entire dialog for that CallID. For example, a dialog from one of our SIP Proxies would show an incoming call request received by the SIP proxy who then passes that call off to the VoIP server that particular customer’s extension is set to and all the responses occurring for that dialog from trying – ringing to answer to hanging up. Additionally, depending on if it’s included or not by the parties involved in the dialog you can even view quality of service related properties like what audio codec was used for a given call as well as MOS min/max.

Related, Homer also gives some insight to how things are performing – this is more conducive to running Sipgrep for extended periods to gauge network stability and quality of service. This can be found under Panels – stats:VoIP Traffic and includes charts like answer seizure ratio and network efficiency. The former is useful in determining how many calls are successfully completing.

Finally, don’t be alarmed if you see nothing showing up for UAC Registrations – this is very common as your hosts will more than likely not allow Registration from UACs and this is handled beyond your scope.

Closing

While we certainly wish we could all have perfect conditions all the time, problems do arise and investigation becomes very necessary to remediate or assist in remediating. Tools like Homer and Sipgrep are among the toolbox we keep handy to immediately start getting to the bottom of issues experienced and reported by you, our customers.

As a company of geeks and nerds, we love to learn and teach. While the information and practices we share through articles such as this work for us for our purposes, we’re not averse to hearing from readers on what we could do better. Keep your eyes peeled for future articles on IT and networking related topics and tooling!

Addendum 2018-05-23

After playing around with Homer and Sipgrep for a while, a recurring issue was popping with Sipgrep where it would be unable to run for extended periods of time and wasn’t easy to daemonize resulting in the perpetual uncertainty as to whether anything was being captured on account of Sipgrep dropping out. As an alternative to Sipgrep if you need long term captures, I  recommend using Captagent instead as it can rigged up fairly easily in the context of systemd. You’ll need to build it from source and will need to install libuv and libuv-devel prior to configuring and installing. The configuration is a bit more involved than Sipgrep and can be somewhat confusing initially, but if your primary use is to perform SIP capture to ship to Homer the documentation is sufficient at guiding. We’ve been able to successfully run Captagent for 3 months and counting on numerous busy servers – Captagent is very lightweight and generally does its job without fuss.

It’s a late night again, and you’ve been working since 5am. It’s not always like this, but the busy season seems to keep you at the office longer than you’d like.

BRINGGG

A phone call this late? Must be from the missus.

“Hi honey”

“Hellooo?” – The greeting comes through jumbled and difficult to hear.

Great. Not again.

“Yeah it’s me, I shouldn’t be long now.” – You say while doing your best to enunciate as clearly as humanly possible.

“Ethan? –krr –‘s S –ah. Where – krr?”

Yep it’s gonna be like that I guess.

“Honey, I can’t hear you. Text me, OK??”

“What??”

You can never get a break. Not even once.

“I said text me!”

“Texas? What about Texas?”

You’d probably have laughed at that one if this wasn’t a regular occurrence. This was pointless. You hang up the phone and pull out your cell phone to text her.

>>Hi honey, couldn’t hear you well. I said that I won’t be long now. Just about finished for the night.

You hit send and wonder why in the hell she even bothers calling you. Cell reception in the building isn’t great either so it’s often the same story. Here your office “just” got its phone system set up too.

It didn’t make sense. Analog is supposed to be better than that VoIP crap right? The salesman had explained it in a way that made a lot of sense. VoIP is “new” with a lot of kinks to work out and Internet connectivity is always so spotty. Made sense to you at least. Seems like every other day the Internet is moving slow for some reason or another despite the fact your office has more than enough bandwidth. You can’t imagine what that would do for voice. To be honest you didn’t really look much into it, but you didn’t really see a reason to.

Just as you’re starting to think it’s been a while since you sent that text..

BZZZZ

Your phone vibrates on the table and you reach for it.

>>I wanted to do this over the phone, but once again, I couldn’t understand you so I guess text is going to have to work. There’s no easy way to say this, but I’m leaving you. I called George a couple weeks ago at the other office to get that report you wanted me to get and we started talking. TALKING. Like on the phone! Excuse me for wanting to speak with another human being when I communicate with them, but it’s just the way it is.

You stare at your phone incredulous. You’re sure she’s joking. You’ve been married 3 years! This is completely out of the blue. You’re not sure whether to shout or cry. You immediately click the call button, but yep, service isn’t good enough to put the call through. Your phone buzzes again.

>>Look, I know you love your job, I could never ask you to leave. When we’re together everything is great with us, but I need to be able to speak with my husband when he’s at work from time to time and right now I can’t do that. I asked George why their phones sound so good and he said their office upgraded to VoIP. Maybe you should look into it. The technology has been around for more than 40 years.

40 years? She can’t be serious. The World Wide Web is only about 25 years old. Now she definitely can’t be serious. You grab your phone and start furiously texting away.

>>Are you kidding me? I don’t know what this is about but it’s not funny. We can talk about this when I get home

You hit the send button and wait for the “delivered” message to pop up. It doesn’t. You wait some more. Nothing happens. You stand up and go outside where your service is good. Still nothing. You try sending it again. Nothing. You’ve seen this before with a friend but your brain won’t let you admit that it’s happening to you. You’ve been blocked.

You get home that night and realize that her stuff is all gone. Everything. It’s like she’s never lived there at all. You try reaching out to her family and friends but you’re getting nothing back from anyone. You walk automatically over to the liquor cabinet and pour yourself a straight cup of bourbon and slump down at your desk.

After what feels like an hour of staring numbly at a black screen with your esophagus burning from the painful bite of the bourbon, you reach toward the white computer mouse and bring up the homepage of www.Google.com. With trembling fingers, you type into the search box…

Cost effective VoIP providers

NocTel Communications is a hosted VoIP provider dedicated to solving the many problems that face educational institutions today. Known for providing the highest quality service at a fraction of the price of its competitors, NocTel is completely disrupting the telecommunications industry. Click here to get a hassle free estimate of what your district could be paying for phones.

In a perfect world devoid of things that make the experience and reliability of something everything would just work. Unfortunately, we don’t live in such a world and Quality of Service (QoS) becomes a very real consideration for services that extend well beyond the scope of networks and VoIP. For example, we expect Quality of Service when dining out that we get the entree we ordered within a reasonable amount of time. In regard to networks and VoIP, Quality of Service is increasingly important if you consider it’s quite likely you have more traffic generated that needs to transmit than can be transmitted with the available bandwidth. Bandwidth being volume over time, such as Gbps (gigabits per second). Given this conundrum, how do we ensure traffic with more immediate need is handled first and the less important stuff can hang out for a bit without making overall reliability and quality suffer?

When we talk of QoS in relation to VoIP service as a provider, the expectation is calls experience minimal to no choppiness, no issues of not being heard on the other end, and so on – your calls and experience conversing should always be as natural as speaking to someone in person. Due to VoIP operating over the internet, QoS of VoIP necessarily becomes quite related to QoS of networks – particularly NocTel’s network and customer networks. As NocTel operates its own business operations network and so do many of our customers, we each should be implementing QoS to ensure calls made from either end to anyone else are handled in such a way we aren’t repeatedly asking “Hello? Are you there?” while trying to mask mounting frustration.

We’d generally agree on the matter of not wanting to experience the early days of limited carrier coverage for cell phones when making calls from our desks today.

Enter Quality of Service

Quality of Service for networks and VoIP boils down to the simple notion of traffic prioritization. That is, VoIP voice data (RTP) and signaling for calls (SIP) are just additional types of traffic that are received and transmitted on networks among other traffic like HTTP, DNS, and FTP. However, without QoS network traffic (VoIP included) boils down to a matter of best-effort delivery – all traffic is equal without regard to whether the service/application traffic needs to maintain consistent successful receipt of data and/or a minimum data rate to avoid performance degradation. With VoIP phone calls performance degradation is exhibited by things like one party not being able to hear the other speaking, voice jitter, and at worse, calls dropping. With the real-time nature of VoIP and its practical application of making phone calls, it’s very clear VoIP (voice) traffic needs to be handled with special consideration in the network. Therefore, implementing QoS in a network that also utilizes VoIP through SIP and RTP are really the same task except we know for a fact voice traffic needs to be one of the highest priorities in relation to the other types of traffic.

In practice, voice traffic is configured to specific DSCPs (differentiated service code point) on network appliances like switches and routers. DSCP, also known as DiffServ, is one of several approaches and standards to implementing QoS. DSCP happens to pertain to internet traffic, which is what VoIP falls under. DSCP uses up to 64 unique codes that specify behavior of how the tagged traffic should be treated/prioritized. In VoIP’s case with RTP and SIP, NocTel recommends using EF (expedited forwarding) and CS3, respectively. EF is essentially the class used for highest priority traffic – the rule of thumb is traffic used by real-time applications (like phone calls) that cannot afford to experience packet loss or are unable to re-transmit dropped packets should be set to EF. CS3 is a high priority class, but allows for some flexibility when it comes to congestion and packet re-transmission (we’ll save the rundown of RTP and SIP for a later time) – see our KB article on QoS for more detail and configuration examples.

Keep Things Simple

It’s funny how that’s a frequent adage for so many different things. QoS is really no different. While it offers a way – DSCP being one of them – to manage network traffic to maintain service/application quality among a wide variety of other competing traffic, it can also be prone to becoming overwrought if too many services are being micromanaged through it for QoS. It further complicates matters of network administration if a new service or application is introduced resulting in unnecessary time spent determining what its priority is among other traffic.

Therefore, the generally most effective implementation of QoS in a network is to evaluate traffic in one or optionally two simple steps:

• What service/application traffic must be reliably delivered and service quality rate preserved?
• What service/application traffic can be put off (deprioritized) without significantly degrading service quality?

By evaluating only the services/applications that really need priority and potentially listing those that are not a priority, you can presume all other traffic not fitting those criteria can remain equal priority (e.g.: best-effort delivery).

What QoS is Not

QoS is something every network should make an effort to have implemented as there are benefits to be had and hardly anything to lose (unless high priority traffic like RTP was somehow configured to be a least priority traffic…). However, implementing QoS on your own network doesn’t automatically equate to better call quality and reliability – there’s always a Catch 22 somewhere, isn’t there?

The fundamental reality is communication of data from one network to another is not as simple as the two endpoint networks talking directly to each other. If that were the case, the networks would be peered making them essentially next door neighbors. With peering, two networks have no intermediary networks to traverse through for traffic to reach one another – it’s akin to walking to the next house over to visit a friend rather than driving across town to see him (and not dealing with rush hour traffic, accidents, or hitting every intersection light red). For the vast majority of data that traverses over the internet, several “hops” occur where the data is traversing along various intermediate networks like ISP routes. All the hops in between where the data originates and where it is going to may or may not implement QoS, which is unfortunately generally out of our hands.

Additionally, QoS must be implemented across each appliance within your network to be effective. If even one appliance is not configured consistent with the prioritization you want, it will fail to honor any DSCP classes assigned to specific service/application traffic that passes through it.

While you can fine tune QoS for traffic within your network, it can’t be guaranteed that end-to-end traversal over many networks will implement QoS. NocTel does its best to factor in each customer’s circumstances in regard to network architecture, current and available ISPs in the area when providing analysis for new customers, and supporting existing ones. Additionally, NocTel considers quality of service when evaluating potential locations of future data centers to better serve customers all around. It was mentioned earlier in regard to peering networks – NocTel in some cases can allow customers to peer their network to ours to further improve QoS.

When In Doubt, Give Us a Shout

Take it from us – networks aren’t simple or easy! If your network is in need of or interested in implementing QoS, but not sure how to effectively implement it in relation to your NocTel service let us know. We’ll help. Similarly, if you’re interested in considering NocTel service for your organization, but want to better understand changes to QoS that may already exist be sure to note it to the sales engineer you contact and we’ll address. If you interested in the prospect of peering your network to NocTel’s, don’t hesitate in inquiring regardless if you’re a new or existing customer.

NocTel Communications is a hosted VoIP provider dedicated to solving the many problems that face educational institutions today. Known for providing the highest quality service at a fraction of the price of its competitors, NocTel is completely disrupting the telecommunications industry. Click here to get a hassle free estimate of what your district could be paying for phones.

Now the process of transitioning to a different provider has potentially complicated greatly. Continue the transition process and potentially lose a number or series of numbers that have been in service for years? Abandon the transition in favor of keeping the quo? If only the process just worked.

This is frustrating and often the reasons behind a port request denial are not clear in regard to the what and why, which becomes an issue in of itself. How do you address the reasons for a number port request when it’s not disclosed in a particularly helpful way? We’ll take a quick look at where number portability came from and how it works to build a foundation to understanding the process and how to avoid some of the typical errors or inaccuracies that drag it out. The end result (we all hope) being a faster, less stressful port.

A Quick History of Number Porting

Plain Old Telephone Systems (POTS) were the old standard for telecommunications with numbers working like latitudinal and longitudinal coordinates on a map. This harkens back further in history when switchboards were operated by humans to direct calls. Calls to be directed by the operator consisted of three tuples or sets of numbers in a 10 digit long string: the first three designating the area code, the second three for the “exchange” linking the number to a physical switch within the switching station, and the last four digits assigned to the caller/receiver’s carrier.

Until 1982, telecommunications operations in the US and Canada were primarily controlled by AT&T. As part of the Bell System breakup occurring in 1982, smaller regional subsidiaries of AT&T were formed that became their own companies and competitors. To facilitate the diversification in the market now that customers likely had the choice between multiple providers serving overlapping regions, number portability was introduced to encourage competition. If customers with provider options could retain numbers with an established duration of service, the cost to business and reachability in switching providers would not be as significant a factor in deciding which provider to choose. Conversely, if number portability were not introduced, the FCC realized the breakup of AT&T would just result in smaller localized monopolies.

How Number Porting Works

With the breakup of AT&T and the introduction of number portability, things weren’t instantly fixed as we’re oft to idealize. Number portability was actually implemented by the Number Portability Administration Center (NPAC), which was created as a function of the FCC and eventually developed an additional number system called the Location Routing Numbers (LRN) intended to guide Local Number Portability (LNP).

Rather than the LRN corresponding to different switches and entities as noted above, the LRN is a unique number in the same format as a telephone number. The “telephone-like” number represents an entire telephone switch working off a database called the Service Control Point (SCP). In this new model that resembles the old Bell System model, when a number is dialed it is actually querying the SCP database where the caller’s and receiver’s numbers are exchanged and then connected.

The transition to the LRN system enabled the numerically equivalent “telephone” number to not be bound to a specific region, as explained earlier. For example, under the LRN model, an example number such as 503-xxx-xxxx does not necessarily signify it is based in the Portland, Oregon area. The number could easily have originally been held by someone who lived or operated a business number in the area, but moved outside of the 503 area code and ported the number to their new location’s carrier. The “503” as the first three digits of the number don’t correspond to an area code in the LRN system.

Addressing the Why to a Failed Number Port

Provided the number or numbers were portable as mandated by the FCC, we still need to examine why the port request failed. Before we explore the possibilities, we need to identify what the process looks like:

1. Your new service provider gathers information from you about your current account and phone numbers, including those that should be ported and those not to port.
2. The new provider notifies the old provider (also known as the losing carrier or provider in this context) about your requested number port.
3. The old provider requests validation of the subscriber’s information.
4. The new provider submits the requested information by the old provider.
5. The old provider confirms the subscriber(s) and notifies the new service provider.
6. The new service provider notifies the NPAC of the request to port.
7. The NPAC creates a pending port and sends a notification to the old service provider.
8. The old provider notifies the NPAC that it concurs with the port request.
9. The new service provider notifies the NPAC to activate the port.
10. The pending port is activated and broadcast to the telecommunications industry network.

Provided there are no errors with validation and the port is “simple” involving no more than one line, the port must be completed within one business day per the NPAC. By this definition, most other ports are “complex” by comparison due to murky and arbitrarily established rules typically regarding release date.

Often losing providers enact rules requiring 10 to 20 days for the porting process to be reviewed. During that time, the information provided by the new provider is scrutinized for inaccuracies. It can occur where even a slight error results in the new provider being notified of a port request rejection – typically at the end of the “porting process review” window and with little useful guidance on how to resolve the inaccuracy. If this occurs, the porting process must be repeated dragging out the time when a customer’s numbers are ported and resulting in repeated follow up communication by the new provider to try to sort out the inaccuracies that caused the initial port request to be denied.

This practice is intended to discourage customers from switching providers under the following pretenses:

• Customers do not want to lose numbers that have been in service for an appreciable length of time as it will require great effort and incur real costs to inform all relevant parties of the change, which is the primary benefit associated with number portability in the first place.
• Delays in the porting process could easily be pinned as the fault of the new provider as many steps of the porting process rely on the new provider. This can reduce the customer’s opinion of the new provider before their service has even started.
• Frustration with delays compounds with the above disenfranchising customers from transitioning to a new provider, and hopefully diminishes any real or perceived advantages the customer may have in regard to the new provider.

What Can Be Done to Aid Successful Porting

Admittedly, many are not familiar with the details found in their phone account with their long time provider. This information is usually in a document known as a Customer Service Report (CSR) that can be cryptic and may not include the full list of numbers service is provided for. Fees may be hidden among line items that are unclear or bundled under an item that doesn’t clearly designate what the fee corresponds to. For accounts with many years of service and have had many changes occur, it may be easier to simply pay the bill than try to parse and attempt to understand.

Successful porting to a new provider is facilitated by having a base understanding of your account as it exists before transitioning and exercising due diligence in the information provided to the new provider for the port. Here’s a quick list of things that help the process go faster and smoother:

• Ensure all of your phone bills are provided to the new provider for review if your organization’s numbers in service are spread over multiple accounts.
• When obtaining your CSR, be sure you have the losing carrier pull all the CSRs in a form you can understand.
• Provide a full list of your telephone numbers – even the ones you don’t intend on porting. The new provider needs to know what is on your account today and which numbers to include or exclude in the port request.
• Make sure there are no freezes, locks, open tickets, or pending orders on your account.
• If your account covers multiple addresses, provide each address and which numbers are used there.
• Refrain from making any changes to your account once you have provided your information your new provider. Any changes made between then and the decision on the port request may constitute an inaccuracy.
• Inquire if there is a PIN or passcode linked to your account.

The unfortunate reality of porting numbers is the losing provider would really prefer to not see you go leading to heavy scrutiny of the request submission and decision process. When your new provider requests information or to review the accuracy of the provided information, it’s to ensure every I is dotted and every T crossed.

While the number porting process can be long and somewhat left to the whims of the losing provider, NocTel offers interim options to keep moving forward with your service transition. These options include temporary phone numbers which your numbers in the porting process can forward to and in some cases, NocTel can install temporary legacy voice gateways to translate your SIP service to work with POTS.

If you’re fretful over the number porting process, let us know – we’ll find a way to get you going even before the numbers port and any hurdles in the process that may happen along the way.