Data Diligence

Jennifer Jones   Today’s Top Stories   or  Other Outsourcing Stories  

Eric Schmidt and Douglas Merrill talk about Google Apps Google Applications Quick Tour Video: The Business Value Proposition of BSM Web 2.0 The New Face of the Web Best Practices in Choosing and Consuming Managed Security Services A Guide to Messaging Archiving Learn-Fast Guide: It's All About You Six Questions To Ask About Information And Competition Virtual Reality Sign up to receive Outsourcing Resource Alerts

November 14, 2005 (Computerworld) -- It's time to bring on a managed service provider. First, hire all the lawyers -- or at least consider having some legal representation. Ideally, enterprises large and small will have access to an IT attorney who specializes in security, privacy and the myriad new data disclosure laws that regulate many sectors.

Minus legal representation, companies could be open to serious liability. For instance, if an MSP is hacked or personal data is stolen or compromised by MSP employees, the customer will be held entirely responsible. Hence, agreements should spell out security measures and background checks.

"There should at least be an agreement in place that ensures MSPs disclose breaches," suggests Michael Rasmussen, an analyst in Forrester Research Inc.'s enterprise risk/compliance management group.

Be warned, however, that lawyers who know the ins and outs of these areas are hard to find. Given this scarcity of seasoned IT attorneys, some businesses have the option of spending long hours educating corporate lawyers on the nuances of hiring an MSP or simply forgoing legal representation altogether.

Most experts agree that some attorney involvement is better than none at all and urge enterprises to invest upfront to guard against legal and security land mines - a rigorous exercise, but one with many potential payoffs. For instance, MSP negotiations offer a chance to re-examine languishing privacy policies or to comb through and tighten security measures.

For these reasons, MSP agreements brokered by larger corporations almost always filter through legal departments. Says Mike Kline, manager of network operations at KB Toys Inc. in Pittsfield, Mass., "Absolutely every contract KB Toys signs goes through our in-house counsel for approval. What they typically do is add our own terms that govern areas such as exclusivity, liability and privacy." The retailer of children's products relies on MSP Atrion Networking Corp. in Warwick, R.I., for managed network services.

At Wine Warehouse in Commerce, Calif., lawyers are included early on. "Once it is determined that the MSP is a viable candidate and that the services merit the investment required, then a series of 'what if' scenarios should be run through," advises Kim Bugayong, vice president of IT. Wine Warehouse outsources services such as patch management and server and backup monitoring to provider Alvaka Networks Inc. in Huntington Beach, Calif.

Vigilance is prudent, not because MSPs are neglectful but because problems are common, experts say. "When outsourcing, it is surprisingly easy to do things like run afoul of a privacy policy," says Dennis Kennedy, an IT attorney in St. Louis.

Small to midsize businesses are the most vulnerable. "These companies are often run by CEOs who don't always know they need a lawyer

Continued...
1 | 2 | 3 | NEXT  

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"Mainframe security pilot fish works for a company that has big iron in the U.S., Europe and Asia -- and..." Read more... "Support pilot fish gets a call from a user whose computer won't boot -- and fish quickly determines that it's..." Read more... Read more Management posts or See all Blogs

Microsoft: 'Vista Capable' lawyers trying to hijack Windows Update Update: McCain protests YouTube's removal of his campaign videos Virtualization leads Gartner's top 10 strategic technologies for 2009 More top stories...

Remote Control: NASA works to repair Hubble's failed computer Cisco demos public rooms for TelePresence Oracle issues 36 patches, but is anyone applying them?

Q&A: E-voting security results 'awful,' says Ohio secretary of state How bad? 'I thought I was going to throw up,' Jennifer Brunner recalls. IT's biggest project failures -- and what we can learn from them Think your project's off track and over budget? Learn a lesson or two from these infamous project flameouts. Sprint's 4G Xohm WiMax: How fast is it? In our hands-on testing, the new Xohm WiMax network from Sprint was fast and smooth -- but for now, you have to be in Baltimore to get it. Accused Palin hacker has a history of intrusion College student David Kernell allegedly broke into a middle school server eight years ago, according to a former teacher. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland Security Apple's iPhone Ask a Premier 100 IT Leader Bill Gates steps down BlackBerry Legal Battle Data Security Breaches Electronic Voting Firefox H-1B Visas HP's Boardroom Scandal Handheld Devices Hurricane Katrina Aftermath Microsoft Legal Issues Microsoft's Vista Open Source RFID Technology SCO's Linux Fight Sarbanes-Oxley Act Spam Voice Over IP Wi-Fi Windows Meta File Vulnerability Windows XP Service Pack 3 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class 2006 Computerworld Horizon Awards 2006 Premier 100 IT Leaders 2006 Salary Survey 2007 Best Places to Work in IT 2007 IT Forecast 2007 Premier 100 IT Leaders 40 Years of Computerworld ASPs, Take Two Best Places to Work in IT 2003 Best Places to Work in IT 2004 Best Places to Work in IT 2005 Best Places to Work in IT 2006 Business Intelligence Home Runs Business Intelligence: Smarter BI Business Intelligence: The Future of BI CRM Goes Vertical CRM: Sober CRM Career Planning Guide 2005 Careers: IT Profession 2010 Computerworld Horizon Awards 2005 Data Management: Mining for Gems Data Management: Taming Data Chaos Development: Hard-Workin' Web Sites Development: New Tools New Choices Development: The New World of Application Development Development: The Web Services Tsunami Development: Web Services Hurdles Disaster Recovery: Preparing for the Worst E-commerce Grows Up E-mail/Groupware: Big Decisions Faces of Mobile IT Forecast 2006 Global Mobile Hardware: Multiple Cores, Multiple Challenges Hardware: On-Demand Un-Hyped Hardware: The Shape of Things to Come Horizon Awards: 10 Cool Cutting Edge Technologies IT Management: Guide to Managing Vendors IT Management: Navigating Global IT IT Management: Recovery Ahead IT Management: The Future of IT IT Management: The Resourceful Project Manager Innovative Technology Awards 2004 Management: Reinventing IT Microsoft in Transition Mobile/Wireless Leaders and Laggards Mobile/Wireless: The Untethered Worker Mobile/Wireless: Tiny Gadgets, Huge Costs Network Management: Taking Control Networking: Turbulence Ahead! Networking: VoIP Goes Mainstream Operating Systems: In the Slow Lane Operating Systems: Linux Goes Global Operating Systems: Should You Nix Unix? Outsourcing: Offshore Buyer's Guide Outsourcing: Outsourcing Dangers Premier 100 IT Leaders 2004 Best in Class Premier 100 IT Leaders 2005 Best in Class ROI: Do the Math! Salary Survey 2003 Salary Survey 2004 Salary Survey 2005 Security Action Plan Security: Compliance Headaches Security: Proactive Security Security: Risk and Reward Security: Tips From Security Pros Souped-up Security Storage: Battling Complexity Storage: Cheap & Secure Data Stores Storage: Stretching Your Storage Dollars Storage: The Lean Storage Machine Storage: The New Rules of Storage Storage: The Ultimate Backup Guide Supply Chain: Missing Links Supply Chain: RFID Reality Check The Business of Security Web 2.0 Security Wireless: Wireless At Work All Zones Application Performance Zone Business Continuity Zone The File Data Management Zone Security Management Zone The SAS Zone Business Intelligence and Analytics Zone Windows Protection Zone The Enterprise Search Zone Software as a Service Zone The Security Zone See your link here

Learn-Fast Guide: It's All About You (Source: Computerworld) Is your career in sync with the current megatrends: business alignment, globalization, the consumerization of IT, web 2.0 and beyond? In this guide, you'll get advice about how to make yourself more valuable, how to make the global talent pool work for you and how to make sure you "get found" when you put yourself out there. Download this executive briefing  How Much Will an Office 2007 and Vista Migration Hurt? Download this white paper, free, compliments of PCHelps Support! (Source: PCHelps Support) The anticipation of rolling out Office 2007 and Vista to thousands of end users has many IT professionals sounding like youngsters at the doctor's office who are about to get a shot. The question they just can't get out of their minds is, "How much will it hurt?" Download this white paper  From Laggard to Leader: Transforming the Data Center From Laggard to Leader: Transforming the Data Center Register for this complimentary webcast today! Go to the webcast  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Grant Thornton Achieves 99.7% Tracking of Remote Assets Virtualization Technologies and Their Impact on Disaster Recovery LIVEWIRE™: Full-Server Protecting and Recovery in Real-Time View more whitepapers

• Microsoft: 'Vista Capable' lawyers trying to hijack Windows Update
• Remote Control: NASA works to repair Hubble's failed computer
• Update: McCain protests YouTube's removal of his campaign videos
• More top stories 

Creating Tiered Storage Architecture This paper shows how Brocade StorageX enables tiers of storage across Windows and NetApp storage to align storage practices with organizational objectives. Download this white paper now!