Security | 23 Apr 2007 :
Companies are
underestimating the security challenges posed by offshore
outsourcing, according to analyst
Gartner.
Different legal frameworks, financial environments, cultural variations
and lack of understanding of local regulatory
requirements are all contributing to security risks, says a report to be published by the analyst.
“Attitudes towards
security and privacy are different overseas,” said Gartner analyst Partha
Iyengar. “If a firm is outsourcing its payroll data to a centre in India, for example, a worker
might not think it is a big deal to discuss financial data with a colleague.”
“You have to have some
appreciation that damage can be caused even if it is not meant in a malicious
way. You have to protect the data more
and assess it on a need to know basis,” he said.
Gartner says firms that
have offshored are often faced with
the dilemma of having different policies in place for
their in-house employees in the local market and more
stringent policies for their offshore employees, creating a culture of distrust.
Employees should be
told that security measures are the result of regulatory
compliance and the same procedures should be introduced in all locations to
prevent this distrust, the report
says.