80 likes | 259 Views
Security Concerns at Offshore Development Centers. MIS Practicum Presentation Week 6 Ashish Bahety. The Issue. The Issue: Security Concerns at offshore development centers. The Problem: Security Breaches Sale of personally identifiable information
E N D
Security Concerns at Offshore Development Centers MIS Practicum Presentation Week 6 Ashish Bahety
The Issue • The Issue: Security Concerns at offshore development centers. • The Problem: Security Breaches • Sale of personally identifiable information • Unintentional exposure of information to outsiders • Loss of Laptops, backup tapes • Dishonest insiders
How is the issue looked at? • By the Offshore Development Center • Overhyped • By the Client Company • “Necessary evil” • By the governments • Exporting Country (India/China) • Seriously: Hampers the industry as a whole • Importing Country (US) • Politically (Jobs are being lost) • Creating legislation forbidding information leaving US, or to inform customers that their data may be sent out.
Examples of the issue • TJX security breach: Credit Card • A security breach at HSBC's offshore data-processing unit in Bangalore has led to £233,000 being stolen from the accounts of a small number of UK customers. • Iron Mountain Inc lost backup tapes of client Time Warner Inc. holding personal data of 600,000 former and current Time Warner employees. • Bank of America lost an unencrypted backup tape with credit card information on up to 1.2 million federal employees while it was being shipped on a commercial airline.
Vendor and consultant white papers • Good idea of the different theories • What to outsource and what not? • How to select a vendor? • Guidelines to follow to reduce the risk.
Relevance to Academic Coursework • IS Security • Systems Analysis and Development • What to outsource and what not to? • Associated Risks • IS Planning • Global Supply Chain Management • What parts of the Supply Chain to outsource.
General Issue • General Issue: Security • Academic Research: • There is a huge cost to document each and every process that is outsourced. • Best people in the industry are used at the time of procuring the contract and then they are shifted. • Studies that identify the key factors and challenges:
What is being done? • Increased usage of “more” secure channels. • Training to employees to keep data secure. • Payment to hackers to test the system and identify the weak links. • Investment in secure facilities. • Careful analysis of vendor before selecting them. • Security Audits.