IDC: Security Isn't A Barrier to Offshore Outsourcing
IDC surveyed 30 top U.S. companies about their experiences in leveraging an offshore business model.
By Paul Roberts
September 30, 2004 — CSO — There's always something to worry about. Like offshore outsourcing, for instance. U.S. companies have turned to offshore outsourcing firms in recent years as an affordable way to tap pools of skilled software developers in countries such as India, Russia and China. But moving sensitive development, design and support work overseas brings with it compliance issues and fears of IP theft.
IDC surveyed 30 top U.S. companies about their experiences in leveraging an offshore business model. Among the top 10 concerns were "unknown legal rights" and "unknown suppliers," says Barry Mason, senior research analyst for the AppSourcing research program at IDC.
Should misconduct surface, U.S. executives are unlikely to find recourse through the legal systems in non-Western countries. "The biggest issues are prevention and prosecution, and that's difficult in a foreign country," Mason says. Still, overall, security was less of a concern among the executives surveyed than practical obstacles to outsourcing such as language, culture and time zone differences, he says.
The keys to successful offshore outsourcing projects are to treat security issues as part of the overall project management, include explicit language about IT and physical security into contracts, and, whenever possible, vet both the outsourcing company and its staff, he says. - Paul Roberts
Read more about global security in CSOonline's Global Security section.
Other stories by Paul Roberts
Insight into dealing with culture clashes, varied regulations, corporate espionge, and the logistics of managing global security
Assante: Bad new world of cyber-risk
Protecting employees in global hotspots
How to manage security halfway around the world
Corporate espionage: tomorrow arrived yesterday
Nation states' espionage and counterespionage
China: counterfeit goods factory
- Balancing Increasing Security Requirements with Decreasing Budgets
- Gain Control of the New Threat Landscape
- Securing Your BYOD Strategy: Cisco Secure Mobility Solutions
- Securing Your BYOD Strategy: Cisco Secure Mobility Solutions
- Introduction to VMware vCenter Site Recovery Manager 5
- Reliable Disaster Protection with VMware vCenter Site Recovery Manager
- Overcome Top 7 Admin Challenges of Active Directory
- X-Ray of the PCI Process-4 Proactive Steps
- Beyond SFTP: Five Ways Secure Managed File Transfer Can Improve Your Business
- Secure Managed File Transfer: Bringing Coherence & Control to Compliance
- The TCO of FTP: Hidden Costs of "Free" File Sharing
- Streamline, Speed and Secure the Supply Chain with Managed File Transfer
- Patch Tuesday preview, February 2012
Microsoft published its Patch Tuesday Preview for February of 2012 a few minutes ago. IT admins can expect nine bulletins to address 21 security vulnerabilities.
It looks like four bulletins will be rated critical while the rest are designated as important.
Affected Microsoft products are:
- M86 report proves water is wet
- Actor, banker, soldier, spy: Suits and Spooks Anti-Conference aims to redefine security
More Salted Hash with Bill Brenner
