Now here's a poorly constructed article if ever I read one… “Are You Practicing Safe Outsourcing?” ran in Darwin magazine and provides a list of 10 considerations for reducing risk in outsourcing projects. These were uncovered in a research project of 24 “major U.S. corporations.” It includes such suggestions as: “Appoint a high-level officer to assume responsibility for evaluating vendors for adequacy to meet corporate policy and legal requirements.”
Then after the roster of best practices, the article includes a horrendous case study, in which a company that offshored had its customer list (with financial information) “stolen” by a new worker at the service provider.
That's followed by this gem: “Despite the crisis faced by the financial organization, outsourcing is not necessarily a problem…To reduce the risk of a privacy and security breach, companies need to take reasonable steps to prevent what can be the root of all evil — the unauthorized access to sensitive information or lax controls over information sharing.”
Whoa! That's helpful! Thanks, Darwin!