RealNews

Panel: Do not outsource all security

In a time when outsourcing is all the rage and IT security is slowly following this trend, panelists at yesterday’s Infosecurity conference in Toronto were in agreement that certain portions of a company’s security should always be kept in-house becaue they are too important to entrust to others. “Never, ever outsource anything that touches your clients,” said Rosaleen Citron, CEO of WhiteHat Inc., during the “view from the top” panel discussion. If something happens to corporate clients, from a security perspective, no matter whose fault it is, the company, not the outsourcer, gets the blame and its brand and image suffers. Last year, the BMO Financial Group learned a version of this truth when two of its servers containing customer information inadvertently ended up on eBay for a few hours after one of its outsourcers shipped the wrong pallet. The mistake, from a “keep it in-house” security perspective, was that the bank should have wiped the server drives clean itself. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.