Ads by TechWords

See your link here
Receive the latest technology news and information.
Networking
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

How to keep data safe when outsourcing offshore

July 28, 2005 12:00 PM ET

Computerworld - As U.S. businesses, policy-makers and security experts work to stem the tide of data thefts, an equal or greater vulnerability lurks overseas -- the level of network and physical security at outsourced operations of U.S. corporations.
Cheap labor and increased efficiencies continue to drive major U.S. companies to open and expand offshore operations throughout India, Southeast Asia and Europe. India's National Association of Software and Service Companies reported recently that India's outsourcing industry is creating jobs at the rate of nearly 100,000 a year, and its revenue is growing at more than 40% annually. Analyst firm Gartner Inc. estimates that global spending on offshore outsourcing services will top $50 billion by 2007.
Many of these outsourced operations involve handling and processing customer transactions and sensitive personal information, exposing outsourcing facilities to the same risk of data theft occurring domestically. As U.S. companies increase operations abroad, many aren't ramping up IT or physical security measures at these locations to manage that growth.
In order to prevent data breaches on the magnitude of what has occurred in the U.S., companies must implement strategies to ensure that the same security standards that they place on their corporate data are being required of companies they partner with across the globe to process their customers' financial and personal information.
Several factors magnify the risk of data thefts occurring at outsourcing locations. First, when it comes to outsourcing, U.S. privacy legislation is quite lax relative to European Union regulations. Here, U.S. privacy protections effectively end at the border, placing the onus squarely on the shoulders of the U.S. company if a data breach occurs offshore.
In sharp contrast, European consumers are afforded considerably greater protection by an EU law that permits personal data to be sent offshore only to countries whose privacy laws have been deemed to provide equivalent privacy protection and that have been found to have strong enforcement capabilities.
Similarly, some of the leading outsourcing destinations, such as India, China, the Philippines, Malaysia and Pakistan, lack sufficient privacy legislation. For example, the University of California, San Francisco, Medical Center had a contract with an in-state company to transcribe the dictated notes of doctors and other health care providers. The company, Transcription Stat in Sausalito, Calif., subcontracted the work to a Florida firm that then subcontracted it to a Texas outfit that ultimately hired someone in Pakistan to transcribe the notes, according to the university. Last fall, the medical center received an e-mail from the Pakistani transcriber claiming that she had not been paid and



Jump to comments

Security

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

Death to PST Files
Download Now  

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

A Green Architectural Strategy That Puts IT in the Black
Levergage green computing across your data center. Read more now.  

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

Quantifying the Business Value of VMware View
Learn why you should invest in a centralized virtual desktop.  

Asia-Pacific Enterprise Network Solutions
Learn through this Webcast how your business can achieve reliability, performance and value in hard-to-reach locations within the Asia-Pacific region.

Mainsoft Webcast w/ Forrester Research: Drive SharePoint Adoption in Lotus Notes Shops
How can you drive mainstream user adoption of Microsoft SharePoint when your users rely on Lotus Notes?


IT Jobs