May 5, 2003 (Computerworld) --
MYRTLE BEACH, S.C. -- IT professionals are raising serious questions about the U.S. software industry's reliance on overseas software developers, arguing that the practice puts companies and the U.S. economy at risk. A recent study by Gartner Inc. predicts that by 2004, more than 80% of U.S. companies will consider outsourcing critical IT services, including software development, to countries such as India, Pakistan, Russia and China. But some users said the trend needs to be given a sanity check in light of recent changes in the global security environment. At last week's Techno-Security Conference here, users peppered a panel of corporate security officers with questions about the wisdom of outsourcing software development to cheap labor overseas, where there is little or no way to ascertain the security risk that workers may pose. Of particular concern to some attendees is the work that is being sent to China. While not yet a major provider of outsourcing services, China has a significant economic espionage program that targets U.S. technology, the users noted. Also of concern are countries in Southeast Asia, particularly Malaysia and Indonesia, where terrorist networks are known to exist. Speaking directly to Oracle Corp. Chief Security Officer Mary Ann Davidson, one audience member said that it's "ironic that the countries the software industry trusts the least with binary code are the places where source-code development is being sent." Davidson acknowledged that Oracle, which sells its software to all of the major U.S. intelligence agencies, does outsource some of its development work to companies in India and China. However, "we give read access, not write privileges, to developers in India," she said. "And for the work done in China, it's quality control, and they do not need source-code access to do that." Although Davidson acknowledged that there is "a national security issue" involved in moving development work overseas, she said there is also no guarantee that a worker who is a U.S. citizen won't intentionally harm source code. The economic situation today is such that "you can't build these products without non-U.S. citizens," said Davidson. "Whether you like it or not, our national secrets are already being preserved by people who built these parts of the core infrastructure, and they're not U.S. citizens." Assessing Risks Tim McKnight, chief information assurance officer at Los Angeles-based Northrup Grumman Corp. and a former security officer at Cisco Systems Inc., said companies must put in place a verification and auditing process. And he said that effort will be costly. "At Cisco, we had teams that would go overseas and verify the people that were there, monitor their access to file servers and source-code servers and
Computerworld Technology Briefing: An open-source path to optimal virtualization
Download this Technology Briefing now! (Source: Novell/IBM/Intel) Virtualization is about a lot more than just lowering total cost of ownership. In fact users that have taken an open source path to virtualization have realized the additional, mission-critical benefit of markedly reduced IT complexity, as well as a more flexible infrastructure that is easier to change to meet shifting, often unpredictable business requirements. Download this executive briefing
Advances in SSL and Certificate Management
Advances in SSL and Certificate Management View this webcast now! Go to the webcast
Driving Business Success Through Workgroup Choice and Flexibility
Download this white paper compliments of Novell! (Source: Novell) The structure of your workgroup environment plays a vital role in enabling your knowledge workers to be productive and collaborate securely. And IT choice and flexibility can mean the difference between reactive spending and proactive investment. Boost your competitive advantage with a workgroup infrastructure that lets you deliver the tools and services that are right for you. Download this white paper to learn how Novell offers a variety of solutions that give you the flexibility to address critical business initiatives and workforce productivity. Download this white paper
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
March 1-3, 2009
Rosen Shingle Creek Resort
Orlando, Florida
Protecting Exchange While it was once just a convenient way for employees to communicate internally, today e-mail systems like Exchange are tightly integrated with other business applications and are one of the primary methods for communicating with current and prospective customers. Protecting Exchange against costly downtime has become a top priority for more IT departments. So how do you ensure that your Exchange environment is always protected? Download this
white paper now!
XenServer FREE trial
Citrix XenServer is the simplest and most effective way to virtualize and provision servers. XenServer combines comprehensive server virtualization capabilities with unparalleled scalability, performance, economics, and ease-of-use. Based on the open source Xen hypervisor, XenServer delivers fast performance, easy management, and advanced features such as live migration.
See your link here
Subscribe to
Computerworld 
or
Other Outsourcing Stories
Download this Technology Briefing now! 
Advances in SSL and Certificate Management
Download this white paper compliments of Novell!
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
While it was once just a convenient way for employees to communicate internally, today e-mail systems like Exchange are tightly integrated with other business applications and are one of the primary methods for communicating with current and prospective customers. Protecting Exchange against costly downtime has become a top priority for more IT departments. So how do you ensure that your Exchange environment is always protected?
