Access your Pro+ Content below.
Outsourcing best practices: Identifying offshoring risks
This article is part of the September 2004 issue of Information Security magazine
Offshore production of clothing brands like Wrangler, Lee and Nautica is an easy fit for VF Corp. But, after many years' experience manufacturing designer jeans and lingerie in Latin America and China, VF--like so many companies that outsource operations and services abroad--is dealing with a new wrinkle: infosecurity. "We design our security infrastructure to support the business need," says Eric Anthony, VP of IT services for North Carolina-based VF, the world's largest apparel maker. "And no part of the business operates without proper security oversight." That may sound familiar, but many companies are just waking up to the unique threats inherent in overseas operations. And some just don't get it at all. The normal caveats in dealing with service providers are compounded by time, distance, divergent laws and regulations, and, sometimes, hidden layers of contractors, subcontractors and sub-subcontractors. A misstep at a factory might mean a missed stitch in a pair of jeans; mistakes in security can spell disaster for ...
Access this Pro+ Content for Free!
Features in this issue
Despite heightened post-9/11 security awareness, the U.S. is exposed to numerous critical infrastructure threats.
Emerging Web app security services and products bring source code vulnerabilities to light, writes James C. Foster.
Offshoring is good for business, but lax security practices can torpedo your investment.
Columns in this issue
Would you tell your enterprise security secrets if you could hear others? Lawrence Walsh explains why he thinks communication in the security field is lacking.
Measuring risk and forming best practices relies on learning from past experiences. Analyst Jay Heiser explains how security tactics in the past, echo in todays world.
Do you rush to deploy patches, hot fixes or service packs as soon as possible? Victor Garza explains why this may not necessarily be the right decision.
See why Watchfire's acquisition of Sanctum does not spell the end for web app security.
The information security officer will soon go the way of the dodo bird.