Escolar Documentos
Profissional Documentos
Cultura Documentos
While outsourcing presents new opportunities for companies, it also presents itself its share of challenges like Information Security and Intellectual Property concerns. As much as availability of content and the ease of use of this content grows, the concerns about protecting this content also grows. This white paper focuses on the information security challenges presented in the outsourcing model and the best practices adopted to mitigate this risk.
Raghuraman Ramamurthy
WHITEPAPER
BACKGROUND
The outsourced services model is increasingly being adopted by medium to large companies to take advantage of the financial benefits it offers and also enjoy the added advantages it presents like skills enhancement and flexibility of operations. While this presents a multitude of opportunities, it does not come without its share of challenges. The inherent structure of service providers in itself poses multiple challenges to Information Security. Their internal structure, multiple service units, shared infrastructure and shared resourceseach of these contribute to the challenge.
CHALLENGES
When an organization outsources services, it brings in a few challenges as follows.
WHITEPAPER
and how this requirement will be met. The interpretation and implementation is left to the IT teams bias and preferences. This leads to large inconsistencies in practices and lapses in implementation. While there are standards for security that are practiced by IT, customization is imperative based on requirement.
unintended actions rather than malicious attacks. These lapses are mostly caused due to lack of a properly documented security policy and inadequate training on security practices.
BEST PRACTICES
The following are some best practices that have evolved over years of experience that BWIR has acquired in successfully managing outsourced relationships for customers and for BarryWehmiller.
Distributed operations
With globally distributed operations, the challenge becomes more complex with practices and standards being different in different locations. Also, regulations vary for each country/state and the infrastructure available may also differ from location to location. This makes it very difficult for an organization to coordinate information security globally.
WHITEPAPER
Interpretation of security
While BWIR has specific processes and standards laid out for security, we make it a point that every customer is engaged in a discussion on specific security requirements that they may have to customize the models to suit their requirement. Data security policies and standards are then designed to suit the customer policies and standards to ensure that the maximum level of security is maintained. When there are multiple locations involved in delivery of services it becomes all the more important to ensure that policies are standardized and implemented across delivery locations.
Training
BWIR adopts a structured training process where training is extended not only to BWIR associates, but to customer stakeholders too to ensure they follow the same practices as their extended engineering teams.
CONCLUSION
The challenges of information security with outsourcing can be overcome to a large extent with the right mindset and approach to security. What is important is a systematic approach to security, a clear understanding of customer needs and ability to customize requirements for each customer within a given framework. This requires marrying the customer processes with that of the service providers and training all relevant stakeholders for adherence. It goes without saying that this requires appropriate infrastructure to enable enforcement.
About the author Raghuraman Ramamurthy (Raghu) is a Product ManagerEngineering Solutions with extensive experience in operations excellence and process optimization. Raghu carries experience from diverse industries and has spent most part of his career consulting, developing and implementing best practices for large outsourcing initiatives. About BWIR Barry-Wehmiller International Resources (BWIR) is part of the consulting platform of the $1.2 billion Barry -Wehmiller Companies Inc., a market leader in packaging, paper and paper converting capital equipment manufacturing, headquarter in St. Louis, Missouri with global operations. BWIR brings the best of both worldsthe dependability of a global billion dollar company with the benefits of distributed operations. BWIR has been recognized as a pioneer in outsourcing with a distributed global network of resources. ISO 9001:2008 certified, BWIR has validated systems and processes in place to deliver superior services to our customers.
USA 8020, Forsyth Boulevard, St. Louis, MO 63105 Phone: +1 (314) 862 8000 Fax: +1 (314) 862 4154 Toll free: +1 (800) 862 8020 INDIA MPL Silicon Towers, 23-1/B3, Velachery Tambaram Road, Pallikaranai, Chennai600 100 Phone: +91 (44) 4390 9100 Fax: +91 (314) 862 4154