The Economic Times
Sudin Apte, Country Head Forrester Research
The SRO announcement by Nasscom has once again brought the subject of information security in offshore operations to the forefront. Data leakage or security breach in BPO operations is a universal phenomenon, and last couple of years saw more than few such instances in the Indian BPO space.
But the massive media glare that every incident gets — coupled with limited government action to prevent recurrence — is actually the major pain area. Forrester believes such an initiative is a welcome step — as it maintains focus on the burning issue, but will achieve moderate success. Why?
Attrition is one of the key root causes: Frankly, lack of security standard/certification was never a problem. Inconsistent execution processes and manpower related issues such as attrition are the root causes for most of the frauds.
One more certification to adhere to: The BPO market has become highly commoditised and competitive place, with very few making money. Most players do have some or other security standards such as BS 7799 / ISO27001 / SAS70 -(Appended text) and on top of that, most customers impose some checks and balances. Against this background, voluntary compliance initiative will yield limited results.
The bottom-line: The SRO initiative brings the information security in the limelight again. More awareness, investments, process integrity and tightening of some of the loopholes will surely rebuild customer confidence. But this alone will not stop the frauds.
