There should be an ISO standard with respect to how much power and information that front line customer support agents have. The more information you need, like changing passwords or accessing personal information, should get forwarded to higher level customer support agents with better training and more monitoring. This way you can design customer support experience with as little exposure to security issues as possible.
> better training and more monitoring.
That’s very load-bearing. It won’t help.
The CS reps are based in a LCOL country so the opportunity for theft is simply incredibly lucrative.
What is really needed, is customer-in-the-loop for access to their data. The problem is, not all accesses would make sense. Doing analytics over the data of the top 1% of customers, for example, requires some level of access, but would freak out those customers if they had to approve it.
If it would freak out the customers, maybe they shouldn’t be doing it.
That’s a nice thought, but naive.
What about, for example, a higher-tier support person performing QA over someone else’s work? What about DFIR teams doing research on potential abuse? Etc etc.
They main defense against internal attacks is bookkeeping. Banks have been dealing with this for thousands of years. I recommend the corresponding chapter in Security Engineering by Ross Anderson: https://www.cl.cam.ac.uk/archive/rja14/Papers/SEv3-ch12.pdf
Bookkeeping will alert you to employees stealing your money. It won't alert you to employees selling information.
Compartmentalization is a very expensive customer support model.