Yes, I know I just wrote something about this, but did I mention that protecting intellectual property isn't exactly a top priority in far flung countries?
Another article in InformationWeek notes that software piracy and lack of intellectual property protection are huge problems in India. So the question is: Do you want to trust your sensitive corporate--or government--information to any entity in a nation in which such problems are rampant? Do you want to trust processing for your core systems--the heart of your business--to such an unstable environment?
We are an industry that is built on assessing and preparing for risk. But why do we take such chances with our own data--not to mention the sensitive data that belongs to our valued customers?
Comments (3)
This Blog struck a nerve.
Before I entered the insurance business, I spent a few years in import/export. We imported goods from India, and every time we asked any of our vendors for a quote, whether by mail or telex, we immediately received a number of quotes from unknown vendors offering the same products at lower prices.
After a bit of research, we found that our vendor's competitors were bribing employees in the Indian Post Office and Telephone Company to read his mail and telexes before he got them.
I doubt the business attitude toward confidentiality has changed significantly since then, and I too would have concern with transferring proprietary information to India.
Posted by James Wright | March 21, 2007 12:33 PM
Posted on March 21, 2007 12:33
The context of the question --- "Do you want to trust your sensitive corporate--or government--information to any entity in a nation in which such problems are rampant?" --- reminds me of a similar presupposition: "Do you beat your wife?" It is an unfair generalization ... based upon nearly 10 years of experience working with global insurance companies doing business in India.
I have been working with Indian-based companies, and most recently directly as Head of the Insurance Unit of one of the largest IT shops. We worked with the largest Insurance companies on the planet, all of whom have effective controls and practices to protect both intellectual property and private information.
The work environments in India are akin to "clean room" environments in the microprocessor industry ... no one enters or exits the work area with paper, disk drives, or anything that could compromise information. Deep background checks are often performed on employees. Most of the largest shops have the UK BS7799 certification for the environments, and/or are ISO 9001/9002 certified as well.
These safeguards are only the beginning. I am no longer employed by that India-based company, and have no vested interest in claiming (as I did before) that information security is in many instances better than I have found at US insurance companies. This is not an indictment.
The fact is that in all areas of business, and in all parts of the world, vigilence is the best approach to protecting property and information. Indian companies often unfairly bear the brunt of prejudice which does not in practice align with the facts.
Posted by Bill Budde | April 2, 2007 7:11 PM
Posted on April 2, 2007 19:11
Bill Budde's comments provide an interesting contrast to those of Mr. Wright. Yet the fact remains that intellectual property is not officially protected in India. The problem isn't the Indian facilities, per se, but rather the lack of regulatory integrity that exists in that nation as a whole. Further, reports indicate that some jobs outsourced to India are re-outsourced to China, which was the recipient of stolen nuclear technology secrets during the reign of William the Slick. Am I being paranoid? Maybe. But then again, sometimes people really are out to get you.
Posted by Ara Trembly | April 3, 2007 9:57 AM
Posted on April 3, 2007 09:57