Gartner warns of offshore security risk

A shortage of skilled labour for Indian call centres increases the risk of fraud and identity theft, analyst firm Gartner warned in a newly published study.

India will need one million trained and qualified call centre workers by 2009, according to the Indian government, but by that time about a quarter of those positions will remain unfilled. Gartner warned that the shortfall in call centre agents will cause offshore outsourcing firms to hire fewer qualified staff and could lead to reduced due diligence. The analyst firm advised its clients to pay close attention to attrition rates and security measures, and make sure that contracts guarantee service level agreements and penalties.

Starting with the security breach at an Indian call centre two months ago, a few discussions and topical papers circulated the Internet regarding security when outsourcing offshore. Sharp focus was brought to concerns over data security in call centres and last month an ABC shock TV report revealed a thriving black market for highly sensitive, personal and financial details about Australians leaked from offshore call centers operating in India.

We can expect more focus on this area as legislation and compliance bites deeper, and customers become more aware of their exposure in off-shoring agreements and realise that they cant offshore their security responsibility. Firms that offshore IT and customer service call centre operations to countries such as India are required to treat these operations with the same data protection and regulatory process they would if they were based at home. But while they are accountable to domestic regulators there is currently little in the way of protection under Indian law. You can expect companies and governements bidding for offshore business to use the Security angle to differentiate their services in the market in the near future.

I would add to Gartners' recommendations that clients should review Government cybersecurity and privacy regulations in the countries they wish to offshore to to ensure the neccessary legal frameworks and disincentives are in place to deal with security breaches and hold those responsible accountable. India have already realised this and reacted sharply - see :India to tighten data security laws in wake of call centre breaches and Security programs for India contact centres announced and India to crack down on cybercriminals .

Those governments seeking to boost their economies through offshoring should seek to do the same to remain competitive.