Most organizations still need to enhance security reviews of all services procurements, according to META Group, Inc. Furthermore, the company's recent research reveals that reviews of outsourcer policies (e.g., personnel, physical security, perimeter, remote access) and process (e.g., security monitoring and response, malicious code protection, configuration management) as well as provisions for periodic compliance audits should be negotiated early for any procurement.

"Organizations should institute rigorous security reviews on all IT services procurements, regardless of provider," said META Group IT security analyst Chris King. "Some offshore engagements have a few more areas of scrutiny (local laws and legal recourse) than similar onshore engagements, but otherwise there's little difference. In fact, some of the offshore outsourcers are actually doing more on the security front than their domestic counterparts."

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access