Many of the risks in outsourcing to India based companies have been mitigated through trial and error along with the adoption of best practices emerging from all parts of the globe. Over the past 7-10 years, many security risk analysis and reviews have resulted in controls being implemented in most facets of security: administratively, physically and technically. Contracts now have the appropriate language to protect sensitive data and physical security measures have been built to align with the client’s company policies and standards. The technical measures continue to build upon a strong foundation built in partnerships with government and outsourcing firms.
As we gain the benefits of this maturing environment, it becomes increasingly challenging for the India based outsourcers to remain competitive in the world economy. Many outsourcers realize this issue and have turned to China for the answers.
As businesses attempt to keep variable cost structures intact and operational costs down, China presents itself favorably. India based outsourcers are starting to reduce their costs by outsourcing your BPO process to China to remain cost competitive and offset client defection. This change allows them to remain competitive in the world economy but this places a big question back on the security risks we have started to overcome with India over the past few years. No matter which way this outsourcing arrangement occurs, one point remains the same… new data distribution points means increased risk and exposure for companies and their customers until they are reassessed.
On the surface the BPO outsourcing appears as a reduction in the cost associated with the outsourcing partner. From an information security perspective, red flags should pop up early, especially in the review process, to question the cost savings and how it will be achieved in light of potential increases in due diligence and due care. Information security brings enormous value to the table since part of our mantra is to ensure that businesses can truly keep those cost savings it expects while maintaining the proper security posture.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.