RE: Outsourcing: Losing Control (Three messages)

[InfoSec News <isn () c4i org>]

Forwarded from: Jim Patton <jim.patton () ipvalue com>

IMHO - Making personal information of US citizens available outside of
this country is wrong. It compromises our overall national security
and makes it far easier for our individual identities to be stolen by
a greater number of people.

Ultimately, outsourcing only benefits an already overpaid minority of
executives and a limited number of shareholders. It does nothing to
enhance the security of American citizens.

As long as US corporations put the bottom-line ahead of the interests
of American Citizens and the USA, we will be at risk.

The only way we may be able to ensure that the security of our
personal information and identity is respected is to pass legislation
that puts a halt to the current outsourcing practices and keeps all of
this data where it belongs, in the USA!



-=-



Forwarded from: "Michael J. Reeves, AA, ASc" <NoSPAM.michaeljreeves () sbcglobal net>


Gosh Gee Whiz...

Couldn't they test the software on a TEST database containing 
bogus information, or did I miss something here???

IMHO...

mjr



-=-



Forwarded from: DC O'Dcriscoll & Associates <dcodriscoll () privacybasics info>

Two comments.

1) Also check the law in the country where data is being outsourced 
to, and ensure that it is able to deal with breaches of security and 
attempts to abuse the information being sent to it.

2) A lot of this 'panic' seems to be focusing on the fact that the 
outsourcing is going to other countries, as if this is a threat in 
itself (other than to jobs), but extortion of this type are able to 
happen in any country, and if IT execs are only recognising this now, 
then that begs questions.

Donal


> http://www.computerworld.com/securitytopics/security/story/0,10801,91085,00.html
>
> By Stacy Collett
> MARCH 15, 2004
> COMPUTERWORLD
>
> A woman in Pakistan recently struck fear among IT executives who
> outsource. She had obtained sensitive patient documents from the
> University of California, San Francisco, Medical Center through a
> medical transcription subcontractor that she worked for, and she
> threatened to post the files on the Internet unless she was paid
> more money.


-- 
dcodriscoll () privacybasics info
Tel: +44 (0)1524 63935; Web: www.privacybasics.info
Tailored training and consultancy in security and privacy for 
individuals and organizations.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.