Outsourcing and Security
In a GlobalServices article published on October 29, 2009, IT managers were found to have some concerns regarding the security of their outsourced processes. It is unclear whether these concerns were based upon suspicion or actual discovery of security issues, or whether those same IT managers’ internal infrastructures were equally as secure.
Alternatively, it could mean that a certain percentage of IT managers have a concern with the “out-of-sight, out-of-mind” nature of outsourcing relationships, where personal relationships and the ability to manage incrementally are replaced by formalized contracts and change orders.
The article goes on to suggest that outsourcing providers should seek formal security certifications (such as SAS/70, etc.) to help allay these fears. Depending on the underlying cause — actual experience, suspicion or discomfort — it isn’t clear that a certification process will, in fact, make much of a difference. However, it is reasonable to expect that customers will continue to seek external certifications if for no other reason than to provide cover if a breach occurs. It is also reasonable to expect that certification authorities will grow and multiply to service this demand.
1 Comment
Comments RSS
TrackBack Identifier URI
Leave a comment
Formalized contracts and change orders can guide an outsourcing relationship but nothing can replace the solid foundation that personal relationships between client and vendor with incremental management can build.
Comment by Philam Outsourcer on November 9, 2009 7:20 pm