Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Legal Insecurities Stymie Web Site Outsourcing Deal

Major security concerns take a back seat as ASP and corporate lawyers argue over minute details

By Vince Tuesday
September 3, 2001 12:00 PM ET
Recommended
(0)
Digg
Share/Email

Computerworld - My organization is changing rapidly these days. We're selling our key technology in several global markets, and we're looking for ways to improve the way we work. One avenue is through outsourcing.
After an internal debate about outsourcing our security monitoring work, we concluded that the time wasn't yet right. However, we are ready to outsource other technologies. These aren't core to our business, and they're expensive and difficult to do properly. One such technology is our outward-facing Web site.

THISWEEK'SLINKS

Want to know which legal security issues might affect your organization? From HIPAA to the Gramm-Leach-Bliley Act, you’ll find the details in the Bethesda, Md.-based SANS Institute’s Information Security Reading Room.

Look here for a useful collection of links about important legal security issues.

SECURITY BOOKSHELF:

Know Your Enemy, by Lance Spitzner, (Addison-Wesley, 2001) is an offshoot of the Honeynet Project and sets out to explain some of the knowledge the project leaders have gained from running a honeynet.

Like a honeypot, a honeynet tries to trick an attacker into wasting time and revealing his hand by attacking a fake system. But a honeynet does this on a much larger scale: It appears to be a whole company online, complete with Web, e-mail and domain-name servers.

Spitzner runs an excellent Web site, but the book is disappointing. The writing is stilted and highly repetitive. What’s worse, the book takes a fascinating and enthralling project and trivializes it to a simplistic technical write-up and then pads it out with pages and pages of filler.

The project leaders obviously learned from many failures, but we never get to hear about them. Instead, we get the lessons learned in dry, technical prose. This book fails to capture their pioneering spirit and the risks they took to gather valuable knowledge. That’s a pity, because both the technical knowledge and the personal experience of running the Honeynet Project are fascinating.
It sounds like a very simple task, outsourcing a straightforward service. But the use of an outside vendor raises a range of security concerns that need to be addressed in service-level agreements (SLA) and legal contracts. Before we can deal with those problems, however, we have to select a supplier, which leads to more legal issues.
Before I specialized in security, my professional background was dark and mysterious. I used to be heavily involved in network provision to the academic community, and as part of this, I was once very senior in the world of domain-name services. This experience encouraged my naturally strong cynicism, as I could have domain-squatted on some


Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS
Leading IT Pros Weigh In on Top IT Issues
Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.
WHITE PAPER
For Best Results, Think Beyond the Box
Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!
WHITE PAPER
Accelerating the Path to Demand Intelligence with a Demand Signal Repository
Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

IT Modernization in Government
As IT budgets are slashed, IT management pressures rise and legacy systems linger in government organizations, modernizing the IT infrastructure and applications has...  

Strategic ECM Webinar
Learn what new strategic business benefits can be realized through ECM!...

2009 Gartner Magic Quadrant Report
Truly understand your options for WAN Optimization Controllers...  

Managing And Protecting Your Ever Increasing Mobile Assets
Learn best practices for desktop and application virtualization, computer security, and computer life-cycle management....

Tech Horizons: ASG's metaCMDB, The Technology That Rocks
Improved business productivity often requires more efficient IT and more efficient IT cannot be achieved without a better understanding of the way business...  

5 Architecture Issues that Impact BES performance
This Live webinar will identify critical log file errors, performance counters, and configurations to pay close attention to when optimizing BES server performance....

The Vector Approach to Data Center Power Planning
This white paper describes an approach that considers the major milestones and thresholds in data center power requirements-and how planners should adjust their...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Yankee Group Mobile WAN Optimization Report
Mobile work continues to evolve. Learn how to keep up with the demands of your organization's mobile workforce....  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

All White Papers | All Webcasts

Computerworld Reports

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

Computerworld Technology Briefing: Intelligent Users Use Business Intelligence

All Computerworld Reports
 

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.