Language Selection

English French German Italian Portuguese Spanish

Insecurities over Indian outsourcing

Filed under
Security

Some say there's little risk, while others warn of serious hazards, including a threat to America's national sovereignty.

In the incident, former call center employees of Mphasis are accused of taking part in a theft of $350,000 from U.S. consumers' bank accounts.

In the wake of the theft, some observers have voiced concerns about the security of data being handled by outsourcers in India, including worries about weak procedures for checking employee backgrounds. According to this school of thought, the Mphasis breach could dramatically dent the amount of call center work shipped to outsourcers operating offshore.

"This was not a lapse of judgment or an issue of poor customer service: The incident was an organized and systematic plot to steal customers' money," John McCarthy, an analyst at Forrester Research, wrote recently. "Forrester believes that this breach, coupled with recent onshore disclosures of sensitive customer data, will have far-reaching negative connotations for the offshore BPO (business process outsourcing) space."

Not everyone shares this view. But even the perception of danger could hurt the market.

A report from rival researcher Gartner played down the security risks but made no bones about the seriousness of the situation. "The entire Indian offshore industry ecosystem--including...the Indian government--must act quickly and decisively to counter the perception that Indian BPO poses a severe security risk," the report said.

Business process outsourcing, or BPO in industry parlance, refers to farming out tasks such as customer service and transaction processing to a separate company. The work could be done in the United States, or completed in lower-wage countries such as India or Mexico. In addition, some organizations have set up their own operations offshore. Shipping tasks offshore has become a controversial issue for U.S. labor advocates.

At the moment, U.S. organizations devote only a small fraction of their budgets for information technology services--including BPO--to low-cost countries, according to a recent Merrill Lynch survey of chief information officers. But that share of the budget is expected to grow over time, from 0.9 percent in 2004 to 1.6 percent in two-to-three years.

Rest of Story

More in Tux Machines

Games and Wine (Staging) Leftovers

Free Software: Kiwi TCMS 4.2, PeerTube in the News

  • Kiwi TCMS: Kiwi TCMS 4.2
    We're happy to announce Kiwi TCMS and tcms-api version 4.2! This is a security, bug-fix and enhancement update which upgrades to the latest Django version under Python 3.6. We've pushed new kiwitcms/kiwi:latest docker image to Docker Hub and updated the demo instance at https://demo.kiwitcms.org! This version also includes GDPR related changes which affect our project. Read below for the details.
  • PeerTube: An Open Source YouTube Alternative To Beat Censorship
    When it’s about watching videos online, YouTube is the first thing that comes to our minds. But the popular video sharing platform is often subjected to censorship in many countries. There are many countries including China and North Korea that ban YouTube from time to time. Leave the others, recently, even YouTube ended up blocking many legitimate Channels as a collateral damage of its copyright crackdown. Ultimately, the content creators are the ones who get affected due to all of this blocking.
  • PeerTube: A ‘Censorship’ Resistent YouTube Alternative

    YouTube is a great video platform that has a lot to offer to both consumers and creators. At least, those who play by the rules. For creators, there is a major drawback though, one that put a spotlight on the alternative 'free-libre' software PeerTube this week.

OpenBSD chief de Raadt says no easy fix for new Intel CPU bug

Recompiling is unlikely to be a catch-all solution for a recently unveiled Intel CPU vulnerability known as TLBleed, the details of which were leaked on Friday, the head of the OpenBSD project Theo de Raadt says. The details of TLBleed, which gets its name from the fact that the flaw targets the translation lookaside buffer, a CPU cache, were leaked to the British tech site, The Register; the side-channel vulnerability can be theoretically exploited to extract encryption keys and private information from programs. Read more

Kernel Space: Linux and Systemd

  • Linus Torvalds tells kernel devs to fix their regressive fixing
    Linus Torvalds has given the Linux kernel development community a bit of a touch-up, after finding some contributions to Linux 4.18 complicated the kernel development process. In his post announcing release candidate 2 of Linux kernel 4.18, Torvalds mentioned “some noticeable filesystem updates, particularly to cifs.” “I'm going to point those out, because some of them probably shouldn't have been in rc2. They were ‘fixes’ not in the ‘regressions’ sense, but in the ‘missing features’ sense.”
  • Why data centers need log management tools

    Even though systemd is a common logging method, rsyslog offers more features. One main capability is being able to write log messages to a specific database. You can also configure rsyslog logs on one main server for centralized access.

  • Systemd v239 released
    Systemd v239 has been released with a long list of changes; click below for the full set. "A new system.conf setting NoNewPrivileges= is now available which may be used to turn off acquisition of new privileges system-wide (i.e. set Linux' PR_SET_NO_NEW_PRIVS for PID 1 itself, and thus also for all its children). Note that turning this option on means setuid binaries and file system capabilities lose their special powers. While turning on this option is a big step towards a more secure system, doing so is likely to break numerous pre-existing UNIX tools, in particular su and sudo."