Eracom Technologies & RSA Security discuss issues related to Information Security in the BPO Indust

New Page 1

Eracom Technologies & RSA Security discuss issues related to Information Security in the BPO Industry


Eracom Technologies, along with their partner RSA Security, hosted a seminar on issues related to information security in the BPO Industry.


Speaking at the seminar, Joy Nandi, Regional Director, Eracom Technologies, said, “Outsourcing organizations, like BPOs, Call Centers and Software Development Organizations are facing a great challenge arising from having to contractually comply with stringent privacy laws and data confidentiality regulations of US and EU, which constitutes the majority of their clientele. Regulations and laws like GLBA, SOX, CA SB1386, HIPAA, EU Directive 95/46/EC etc. impose stiff penalties and fines including imprisonment for breach of confidential data.”


“Recent IDC and FBI reports have stated that 81% percent of breaches are expected to happen from internal threats from within the organization, and the average damage caused by such internal threats is likely to be 5 times that of those caused by external threats. Currently most outsourcing organizations in India have predominantly a process-based approach to ensuring data confidentiality within their organization. The majority of organizations rely only on network perimeter security solutions – like Firewalls and IDS solutions which are predominantly meant to keep external threats from entering the organization, but these solutions do not address the internal threats within the organization. Many of the privacy laws explicitly state that only if the case when data is kept encrypted, organizations may be exempt of liabilities even in the case of a breach. Outsourcing organizations need to focus on increasing the internal security of confidential data by looking for solutions in two additional areas of protection – access control solutions and data encryption solutions”, he added.


During the topics presented in the seminar it was demonstrated why it was so easy to breach confidential information – with increasing intruder knowledge and sophistication of attacks. Various reasons add to this threat of data being lost - shared infrastructure and frequently rotating manpower being some of them.


As a consequence, and in the wake of some highly publicized security failures, privacy abuses and corporate scandals in the Indian outsourcing industry, there is intense pressure on the Indian government and Industry bodies like NASSCOM to formulate appropriate privacy laws in India, and also come up with a white-paper on additional policies and technical solutions required to reduce the security risks related to data confidentiality.


Eracom Technologies presented their suite of Privacy of Information encryption solutions: ProtectFile – an enterprise class folder encryption solution with enhanced user access rights management – which can enforce only selective access to confidential data by users in the organization on a strict “need-to-know” basis; ProtectDrive – a Enterprise level hard-disk encryption software designed to keep data on mobile devices like laptops confidential and inaccessible even in the event of loss or theft; and ProtectPack – a container based encryption and compression solution which can be used to send files or folders securely as email attachments, or shared via portable media like USB HDD and CDR.


RSA Security showcased their Identity and Access Management solutions that enables simply and effective regulatory compliance. Ross Wilson, South Asia Director of Sales for RSA Security said during the conference, “I am happy to see that compliance to data confidentiality regulations is an area of great importance for this august gathering. Combining RSA Security’s expertise in authentication solutions and Eracom’s expertise in Data Encryption solutions, we will continue helping the Indian outsourcing organizations reduce the level of security exposure and risks that internal threats pose – which we hope will reduce the number of incidents of security breaches and will prevent losses from litigation, penalties and lost business opportunities”.


The seminar was closed with a panel discussion of eminent experts from the industry discussing the growing challenges related to data confidentiality, the reasons for current weak adoption rates with Outsourcing Organizations, and what how to best advocate these issue through various channels to increase awareness.

Added on December 5, 2005 Comment

Why don't you rate this content?

Article rating -- None Bookmark and Share


Post a comment