Shark Bait

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

Industry

See your link here

C. J. Kelly

A Day in the Life of an Information Security Officer

Offshoring might be security hell

5 comments

IT TOPICS:Security

Read this article and then talk to me about how you feel. Lots of big banks and credit card companies have offshored their call centers. Call center employees have access to banking and credit card customers personal information. A large quantity of this business is in India.

India's laws are different than U.S. law. Tracking down some rotten schmuck who compromised personal information and commited fraud to the tune of $425K is probably not going to be a fruitful pursuit. He worked in a call center in India. No one even verified his address before they hired him. Now they can't track him down.

According to the story, "The National Association of Software and Service Companies (Nasscom) in Delhi has set up a national skills registry (NSR) of employees of back-office operations and call centers in order to provide employers with information about potential workers." But this guy wasn't in the database. I just wonder what the hiring process looks like over there. Guy walks in off the street, gets hired in a call center, after all, how many brain cells does that take? Is put to work without the background investigation process and voila, he has access to sensitive information.

If anyone knows of any examples personally, of a company that has offshored their call center to India from the U.S. and has very tight security, I would like to hear about it.

Email this

Digg this

What People Are Saying

Add new comment

I have a suggestion for you

Submitted by Anonymous on July 3, 2006 - 5:16 A.M.

I have a suggestion for you guys who comment on data security regulations in India....pay it a visit and see it for yourself. People there are conciously and continuously going extra mile to secure every transaction that takes place (even dumping their cell-phones and iPods before they enter the work floor). A pond should not be judged by few of its rotten fishes; which you can find everywhere.

HSBC should take the responsibility and all other companies, outsourcing work to India, should take the lesson. A proper background information check is probably as mandatory as the CV of the candidate.

The fiasco is simply a matter of not minding your steps before moving...Cheers!

Report this comment

Kelly, Thanks for your nice

Submitted by Razib Ahmed on July 2, 2006 - 6:28 A.M.

Kelly,
Thanks for your nice article. I agree with most of what you say here as you have stated facts not fiction or even opinion.
I just want to add one thing. Offshoring is taking place not to benefit the economies of India or Phillipines. It is taking place only for the desire of US consumers to have prodcuts and services at a cheap price and for the desire of the US companies to cut their production cost and make more profit. So, the ultimate choice lies on the US consumers and companies not on the Asians. If tomorrow all western companies decide to stop offshoring and outsourcing, then Asian companies cannot say or do anything.

Report this comment

Since HSBC choose to 'save'

Submitted by Steve on June 30, 2006 - 1:27 P.M.

Since HSBC choose to 'save' money by putting their customer's data offshore, they should be required to reimburse the $425K, pay for lifelong credit monitoring on the victims of their shortsighted decision, and get stuck with a hefty fine to boot. Do this a few times to the companies that play footloose and fancy free with their customers data and you'll see a lot more attention paid to the security implications of these business decisions.

Report this comment

There are many to name

Submitted by Anonymous on June 29, 2006 - 10:49 P.M.

There are many to name .Offshoring Does not mean just moving Your Back Office jobs to any X,Y,Z company who Bill You less.That is where Standard comes in to picture .You must know Whom You are giving the Job ,What standard they maintain to hire and what is the Quality of their Resource.Infosys is a company which is rated high when it comes to standard where the Employee who joins the Organisation has brilliant Academic record and from the top 10% of the best Graduates.Action speaks for itself that is why its getting accolades from each part of the Gloabe.

Report this comment

/ Infosys...? Is this a

Submitted by Anonymous on June 30, 2006 - 11:05 A.M.

/
Infosys...?

Is this a commercial?

Are you saying that the upper 10% of a class is never a member of the criminal class?

Agents from the FBI, CIA, IRS, etc all have members that ended up being members of the criminal class.

Its just a matter of time.... but the real question is....will the U.S. entity that did the off-shoring be held responsable in U.S. courts?

Report this comment

Ask Amir: How do spammers send from my email address?

She doesn't happen to work in corporate communications, does she?

OMG! Microsoft patents sudo! Linux and MacOS dead!

Spam laws around the world

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

All White Papers | All Webcasts