Outsourcing is a highly attractive strategy in today's economic environment and competitive global market. Enterprises outsource a variety of functions to third parties to reduce costs and time to market, free up resources to concentrate on core capabilities, and gain a competitive edge. Global outsourcing offers these substantial benefits, but also poses some notable information security challenges.
The free flow of non-public information (NPI), customer confidential information (CCI) and intellectual property (IP) in the form of digital information such as source code, engineering drawings, personally identifiable information (PII), PCI compliance affected data and cardholder information has created a dilemma for companies that outsource – how do you safeguard digital information and still provide the access that outsourcing service providers need to get the job done?
Outsourcing is not simply the privilege of large corporations anymore either. Small and medium businesses are now taking advantage of this new opportunity to leverage economical outsourced resources. According to a study by USA TODAY, nearly 40% of start-ups outsource engineers, marketers, analysts and others in jobs created in India and other nations.
Outsourcing raises information security concerns as enterprises need assurance that the information provided to an outsourcer is strongly protected from compromise. Outsourcing to the international market makes information security an even greater concern. Many of the tasks delegated to outsourcing service providers require companies to entrust their outsourcing partner with sensitive information. Sensitive personal information such as tax returns and credit card information tend to be top-of-mind in the public eye, but outsourcing also poses a costly threat to intellectual property. In outsourcing relationships, a company must often provide the outsourcing partner with access to vital IP assets which are the key to the company's competitive edge. Exposing this valuable information to outsiders can pose significant security risks.
Vormetric Data Security solutions enable enterprises to secure the information being sent to the outsourced environment while the enterprise establishes and controls security access to the information. Outsourcers can also use Vormetric Data Security as a value-added offering to ensure their customers that their enterprise information is secure. Vormetric Data Security includes Vormetric Tokenization and Dynamic Masking, which lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.
Vormetric Data Security solutions are transparent to applications and databases, so no modifications to the IT infrastructure are required. Vormetric Data Security for Outsourcing Service Providers supports all leading databases as well as unstructured data stores on Linux, Unix and Windows platforms.
Our information is the lifeblood of our facility. We consistently deal with financial, compliance, confidentiality and even intellectual property issues with sensitive, valuable data at the core of all of it. Vormetric's solution helped us secure these information assets without affecting the rest of our technology implementations or affecting the performance of our IT
Director of Server and Desktop
Services, University of Texas
Health Science Center