The risk of offshoring security

Kim Crawley, security researcher for InfoSec Institute

Speaking of business ethics, the most effective blackhats are people who used to do IT and computing work for the companies they were laid off from. They have intimate, insider information about how their networks and computing systems work, and their security policies. When a technical worker has been laid off, and then finds it difficult to put food on the table and pay their bills, it's incredibly tempting to attack their former employers. And so far, there have been numerous incidents of that happening.

There are other costs related to offshoring technical services and work in other industries, as well.

According to Australia's Passion Computing, outsourcing to India isn't actually cheaper at all. Companies and firms often get incredibly buggy code from Indian programmers, and additional money has to be spent on debugging. Because Indian programmers are paid poorly, even by Indian standards, there's no extra incentive for them to spend more time producing quality code.

Even though, in India, English is the language of choice when an Urdu speaker has to communicate with a Hindi speaker, those Indian technical workers and their supervisors often don't have a firm enough grasp of English to talk about technical matters in proper detail to their English speaking clientele.

Outsourced projects can be illegally copied, causing licensing and copyright issues. India's not the worst contender for that sort of thing, but China is.

Until the developed world starts to replace foreign workers with domestic workers, on a significant scale, we're collectively screwed; economically, technically, and security-wise.

Previous Page  1  2  3  4