Careers & Certifications

04:00 AM
Connect Directly
RSS
E-Mail
50%
50%

How To Assess Offshore Data Security

Secure offshore outsourcing takes similar strategic thinking as in-house work.

The global IT outsourcing trend shows every sign of continuing, with two-thirds of the 2007 InformationWeek 500 tapping offshore outsourcing. With experience, companies get confident in moving ever-more-sensitive IT or business processing work abroad. One of the foremost concerns for business technology managers is exposing data, so here we provide a broad overview of key areas to watch and delve deeper with offshore partners.

For starters, don't lose perspective. Data sent offshore faces the same basic risks as data kept in-house, including theft by employees, compromise by intruder, exposure by error or loss, and corporate espionage. Yet given the sensitivity to offshore data and likely resulting backlash, plus the different legal standards companies may face, the problems caused by data loss abroad could be amplified. Use the heightened sensitivity around offshoring as a reason to thoroughly test partners--and assess in-house operations.

InformationWeek Reports

Security concerns surrounding offshoring aren't all xenophobia, since legal recourse around data and intellectual property can vary greatly country to country. Gartner, for example, gave India a "good" rating for data and IP protection, China "poor," Brazil "fair," and Mexico "very good" in a series of reports in November. And the gap between the letter and reality of law as it's enforced can be vast. Brad Peterson, a lawyer at Mayer Brown, whose 1,800 lawyers include 300 in Asia, shares the story of a U.S. company, which he declines to name, that spent more than $2 million in India fighting intellectual property theft by a competitor. It won at all levels of the legal system, but the rival continued to operate with the stolen property. Any country offers benefits and drawbacks to be weighed case by case. In all, contracts should spell out security standards and recourse, but technical and physical controls are the front-line defenses to rely upon.

CERTIFIABLE IS GOOD

Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed