IT Outsourcing Concerns and Mitigations

Opret en gratis Insights-profil hos Ingeniøren og få direkte og nem adgang til whitepapers, webinarer og e-magasiner.
Når du tilgår dette materiale, accepterer du, at sponsoren af materialet kan kontakte dig på din oplyste e-mailadresse og telefonnummer med markedsføring af ydelser, der relaterer sig til emnet, som materialet omhandler.

Outsourcing of IT operations and development has been a hot topic for years. Outsourcing critical operations adds certain risks, but with it also comes benefits.

Common advantages include scalability, more robust disaster recovery, easier access to subject matter experts, lower costs and being able to focus resources on core business development.

However, outsourcing also introduces a more complex delivery model, security and privacy concerns, less visibility, reduced control of the overall IT infrastructure, and makes it more difficult to map IT deliverables to a company’s business needs.

The pros and cons of outsourcing IT operations and development have been an ongoing discussion across most industries and organisations. The global outbreak of COVID-19 at the beginning of 2020 triggered a paradigm shift where organisations are now discovering additional risks associated with IT outsourcing.

To limit exposure and contain the spread of the virus, organisations all over the world saw their IT outsourcing partners being ordered by their governments to shut down offices, and reduce the percentage of employees permitted to work from their datacentres. For many IT outsourcing providers, their service delivery model is simply not equipped to be delivered from employees working at a home office.

As organisations scramble to determine if their well-documented SLAs are still valid, a more significant risk is if the confidentiality, integrity and availability of their data and services are being maintained and handled appropriately from their IT outsourcing partners’ homebound workforce.

While this risk is not necessarily new, its impact has grown exponentially and unpredictably in March 2020. The goal of this introductory whitepaper is to highlight eight specific technologies CISOs, security teams and IT managers should consider to reduce these risks.

The list of risk mitigating recommendations below is not complete. Other technologies and approaches may make just as much sense based on what needs to be protected. However, we have selected these eight specific topics based on our vast experience assisting customers in reducing their risk exposure under similar circumstances.