Filed in archive
Opinions & Insights
by Gary Zeiss, Esq. on October 31, 2009
In a GlobalServices article published on October 29, 2009, IT managers were found to have some concerns regarding the security of their outsourced processes. It is unclear whether these concerns were based upon suspicion or actual discovery of security issues, or whether those same IT managers' internal infrastructures were equally as secure.
Alternatively, it could mean that a certain percentage of IT managers have a concern with the "out-of-sight, out-of-mind" nature of outsourcing relationships, where personal relationships and the ability to manage incrementally are replaced by formalized contracts and change orders.
The article goes on to suggest that outsourcing providers should seek formal security certifications (such as SAS/70, etc.) to help allay these fears. Depending on the underlying cause – actual experience, suspicion or discomfort – it isn't clear that a certification process will, in fact, make much of a difference. However, it is reasonable to expect that customers will continue to seek external certifications if for no other reason than to provide cover if a breach occurs. It is also reasonable to expect that certification authorities will grow and multiply to service this demand.
Alternatively, it could mean that a certain percentage of IT managers have a concern with the "out-of-sight, out-of-mind" nature of outsourcing relationships, where personal relationships and the ability to manage incrementally are replaced by formalized contracts and change orders.
The article goes on to suggest that outsourcing providers should seek formal security certifications (such as SAS/70, etc.) to help allay these fears. Depending on the underlying cause – actual experience, suspicion or discomfort – it isn't clear that a certification process will, in fact, make much of a difference. However, it is reasonable to expect that customers will continue to seek external certifications if for no other reason than to provide cover if a breach occurs. It is also reasonable to expect that certification authorities will grow and multiply to service this demand.
Permalink: Outsourcing and Security
Tags:
security,
sas70,
certification
outsourcing
security
outsourcing+security
october+2009
hedge+fund
Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/165074
Addthis
Ask
Blinklist
del.icio.us
Digg
Fark
Facebook
Google
Lycos
Ma.gnolia
Mr Wong
Netscape
Netvousz
Newsvine
Reddit
StumbleUpon
Slashdot
Tailrank
Technorati
Wink
Yahoo
Vote for Outsourcing and Security :
|
Rating: 9.75 out of 4 vote(s) cast.
|
Response from:
Philam Outsourcer
(11/09/09 7:20pm)
Formalized contracts and change orders can guide an outsourcing relationship but nothing can replace the solid foundation that personal relationships between client and vendor with incremental management can build.
Subscribe
Use the search to look for other interesting posts
| RSS |  See all blog subscribe options |
 What is RSS? | |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Newsletter | |
| Follow us on Twitter! |
