OUTSOURCING

CONs of Outsourcing the Information Security Function

It is crucial that the information about an organization stays safe, but when a third party is introduced and entrusted with safeguarding the company data, it is likely to pose security challenges. When the businesses involve an outsourcing provider, there are chances that sensitive information may leak and eventually land into the wrong hands that may end up jeopardizing the security of the business. The company should be responsible for how it trains its employees to warrant the trust they accord them. However, some outsourcers may turn to be malicious and risk the company security by creating a channel for criminals and frauds, and this may lead to significant losses to the business.
Sometimes difficult to find professionals who can secure networks within the company, and when they are found, it can be very expensive to keep them local. Therefore, some companies choose to outsource in order to find more specialists while saving some money in the end (Axelrod, 2004)

When new outsourcers are introduced into a business, the responsibility of managing and maintain the operator/s mainly relies on the company. Thus, in cases of small companies that are coming up, it may mean added strains and responsibilities that may be time-consuming. Managing and maintaining the company outsourced operators may also be very complex so as to come up with efficient operations that bring good returns to the enterprise. There are agreements that may be required. For instance, Service Level Agreements (SLA) and to do all these; setting the contracts, managing them and reviewing them over time may be time-consuming (Axelrod, 2004).

It can be costly for small upcoming businesses to manage agreements once set and given o the outsourcers. The enterprise may need to change or even expand, and this may require a change of the Agreements, which may be costly. It can also be limiting because it some outsourcers may be difficult to customize their operations as many would prefer to maintain consistency so as to maximize their economies of scale. This, therefore, may lead to the business expanding more to change the agreements (Hess, 2009).

At times, the outsourcers may not understand the business, meaning that they may not always make the right decisions for the business, and this can be a major challenge towards meeting the goals set. For the company to get the outsourcers at a level where they feel they fully entrust them, it may take a lot of time and cooperation. The business may also fail to uphold the continuity of the assignment given to the outsourcer due to high turnover that may have occurred. The processes of the changing roles and responsibilities may also be a challenge to the business, especially from the outsourced provider. The major disadvantage brought about by outsourcing service disruption of the organization (Hess, 2009)

Some operating models for the outsourced providers may be very complex and challenging for the business. Many outsourced providers want to have full control over the infrastructure and may refuse to agree to share the control policies. In addition to that, many outsourcers are new and unskilled, and this puts a business at risk. If the organization makes any wrong move that leads the outsourcer to make uninformed ideas, the business loses. The company needs to analyze and evaluate the risks involved with its decision (Hess, 2009).

References

Hess, K. M. (2009). Introduction to private security. Belmont, CA: Cengage Learning.

Axelrod, C. W. (2004). Outsourcing information security: [n.d.]. Boston, Mass. [u.a.]: Artech House.