another example of the Credit Card industry's deceptive advertising targeting children
cartoon of the month

Friday, May 27, 2005

Data Security and BPO in India

Ponder this, "The more data protection laws we have in India the easier it will be for citizens to harass MNCs and BPOs by abusing the process of law" says noted Indian cyber law expert Sarbajit Roy and lead editor of the Cyber Crime India blog. Roy's Hacking Complaint under the IT ACT 2000 has raised howls of protest from CIBIL, RBI and Standard Chartered Bank India that Roy was "abusing the process of law" to harass them.

Data Security and BPO in India

May 25, 2005 11:22 IST

The burgeoning outsourcing business in India is not restricted to call centres anymore with data processing units coming up in large numbers but the absence of proper data security and cyber laws is hampering their business prospects, say experts.

Security of information is a major concern for companies outsourcing their jobs and they are insisting BPOs to get certified under international certification standards such as BS 7799, SAS 70, HIPAA standards because compared to the laws in the US and the UK, the Indian IT Act 2000 offers woefully inadequate protection, says Mandeep Garewal, director, Force Tech Security, a consultant to BPOs on data security related matters.

An estimated 20 per cent more work would have come India's way if a data protection law was in place, says Garewal.

Given that the BPO industry had a turnover of $3.6 billion in 2003-04, that translates into business worth about $720 million, about $1 billion worth of more BPO work would have come here if stringent security norms and suitable laws were in place in India," says Garewal.

Because of ongoing concerns on security, it has become a critical bugaboo and companies look for providing limited access to their applications thus minimising the scope of misuse, says Alok Shinde, director of information communication and technology practice, Frost and Sullivan, market consultants on emerging high-technology.

"They have a clause in the selection process that makes it mandatory for BPOs to have security certifications such as BS 7799 before they can bid. They also ensure that BPOs in India are conducting security audit and penetration testing to ensure compliance," says Shende.

Companies would also be taking up the issue in a big way at the forthcoming Communic Asia conference in Singapore next month.

Companies outsource services such as health, land records, which are important data and therefore they maintain stringent security specifications, which are based on requirements of their own onshore compliances to various laws, says Garewal.

0 Comments:

Post a Comment

<< Home