Cheap labor and increased efficiencies continue to drive major U.S. companies to open and expand offshore operations throughout India, Southeast Asia and Europe. India's National Association of Software and Service Companies reported recently that India's outsourcing industry is creating jobs at the rate of nearly 100,000 a year, and its revenue is growing at more than 40% annually. Analyst firm Gartner Inc. estimates that global spending on offshore outsourcing services will top $50 billion by 2007.

One major concern in this scheme of things is "Data Security", As many of these outsourced operations involve handling and processing customer transactions and sensitive personal information, exposing outsourcing facilities to the same risk of data theft occurring domestically in the originating country of the transaction. In order to prevent data breaches on the magnitude of what has occurred in the U.S., companies must implement strategies to ensure that the same security standards that they place on their corporate data are being required of companies they partner with across the globe to process their customers' financial and personal information.

Some of the approaches recommended at the outsourcing facility, is listed below as per this piece in ComputerWorld.

• Encrypt all data in storage and in transit.


• Physical security controls should be in place to mitigate the risk of data leaving the facility via magnetic or optical media, recording devices, cameras and hard copies.


• Ensure that sending any data in or out is monitored or even prevented for e-mail, Web mail, FTP, and data- and file-transfer Web sites (by controlling Web site access). Only essential Internet communications should be allowed.


• At the desktop, prevent any unauthorized data from entering or leaving the network via Universal Serial Bus (such as USB sticks) and FireWire devices (such as iPods), CD, DVD, floppy drive, SCSI, parallel or any of the other ports.


• Each employee should be vetted for criminal records and credit history to see if he poses a high security risk. Simply put, if you can't manage your own finances, you shouldn't be entrusted to manage the financial records of others.

A chain is only as strong as its weakest link, and unless U.S. companies shore up security at outsourcing locations, operations across the entire company will be put at risk.

Source: ComputerWorld

Prashanth RaiTag(s): Security, OutSource