SEO Marketing Research

SEO Marketing Research header image 2

Internet Security: As a driving factor of the business process outsourcing (BPO) revolution

13 Comments · Business outsourcing

Internet security refers to the ability to send information and data (including voice) over the Internet without fear of leakage, espionage, or outright loss.

It is critical for companies to be certain that their data integrity will be maintained despite its movement around the globe in the servers, routers, and computers that make up the World Wide Web.

In the past, many executives were reluctant to conduct any back-office business transactions over the Internet or beyond their own four walls because they felt the security risks outweighed the value proposition.

Nevertheless, in today’s world of ever-changing technology advancements, most executives are more computer savvy and better understand the security protocols now available.

With these new technical breakthroughs, companies can now work within virtual walls with the same level of security they enjoyed within physical walls.

One of the most significant enablers of this new virtual workplace is the use of Kerberos technology, developed at the Massachusetts Institute of Technology (MIT) as a cryptographic environment.

This technology allows computer systems to use digital certificates for authentication within their transactions.

Kerberos is just one piece of a much larger security framework that is now in place. Security systems today include proxy servers, passwords, authentication, firewalls, encryption layers, certificates, virtual private networks, open systems interconnection, and extranets.

With these security advances, two companies can partner and safely share resources in the virtual world.

In addition to the security innovations at the technical level, there have been significant changes at the policy and regulatory levels.

Most organizations have enacted internal policies to protect sensitive data and information, including institution of security access to physical facilities and requirements for employees to wear identification badges.

At the regulatory level, national governments have instituted laws regarding data security. For example, the Indian IT Act of 2000 addresses privacy-related issues and attempts to define backing and computer evidence.

It also strongly prescribes the implementation of digital signatures and Public Key Infrastructure (PKI) for facilitating secure transactions.

The Data Protection laws enacted by the United Kingdom and the European Union (EU) are considered to be benchmarks in international privacy laws.

In addition to federal legislation, several international certifications and standards mitigate security risks.

Most BPO providers adhere to one or more of these standards and have received the appropriate certifications. Several global and national compliance benchmarks include the following:

? BS 7799. First published in February 1995, BS 7799 is a comprehensive set of controls comprising best practices in information security.

BS 7799 is intended to serve as a single reference point for identifying a range of controls needed for most situations where information systems are used in industry and commerce, and to be used by large, medium, and small organizations.

It was significantly revised and improved in May 1999 and a year or so later published by the International Organization for Standardization (ISO).

? ISO 17799. ISO 17799 is an internationally recognized information security management standard. The ISO first published it in December 2000.

? HIPAA. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 establishes standards for the secure electronic exchange of health data. Health care providers and insurers who elect to transmit data electronically must comply with HIPAA security standards.

Even with these security standards, organizations should be aware of security best practices and ensure that the BPO vendor they choose has the capability and processes in place to meet and exceed security needs.

The new laws governing data protection, organizational policies, and new technologies have converged to create a highly secure – although still imperfect – communications infrastructure.

Although hack-proof systems have yet to be constructed, the ever-more-complex barriers erected to prevent cyber-espionage and cyber-crime make them increasingly less attractive projects for weekend hackers and an expensive undertaking for anyone else.


13 Comments so far ↓

Leave a Comment