As I lay out in my book Outsourcing Information Security, here is some going-forward advice to those on the verge of making outsourcing decisions or rushing for cover from the fallout of the Satyam tragedy and possibly going from the frying pan into the fire. Do not put all your eggs in one basket and be sure to retain sufficient in-house capability to be able to reconstitute outsourced functions in the event of some form of failure of the outsourcer.
Also, as I have expressed many times before, most recently in an article “Safe and Sound” in FST Magazine at www.usfst.com/currentissue/article.asp?art=275185&issue=281 , one should beware of “function creep,” which can surreptitiously increase one’s dependency on service providers. In the article (and in my book), I also refer to a rash of outsourcer failures in 2001 and the problems to which customers were subjected. The rapid failure of Pilot Network Services and the repercussions on 200 abandoned customers are described in an August 1, 2001 CIO Magazine article “Outsourcing: What You Can Do If Your Security Vendor Fails” by Scott Berinato at www.cio.com/article/30411/Outsourcing_What_You_Can_Do_If_Your_Security_Vendor_Fails
Popularity: 1%
