Information Security and Data Privacy in the Indian BPO Industry

Report Code: INDR-0010
Period: 2004-2006
Industry: Computers, IT & ITeS
Countries: India
Report Length: 34 Pages		 Year of Publication: 2006
Price:
Electronic Format: Rs. 1500
(Approx. 37.5$/19.5 £ /25.5 €)

Executive Summary

Within a span of over a decade, India has become one of the most favored destinations across the world for business process outsourcing (BPO) operations. According to the National Association of Software and Service Companies (NASSCOM), the ITES-BPO exports from India in 2003-04 was US$ 3.1 billion was estimated to be US$ 6.3 billion by 2005-06.

Despite the strong growth in this sector, some of the challenges faced by the Indian BPO sector are shortage of quality manpower, wage inflation, infrastructure problems, etc. However, over the past few years, information and data security has become one the main challenges faced by the Indian BPO industry.
Instances of data thefts and frauds like the fraud at Msource, the BPO unit of MphasiS, and the KKaran Bahree case have attracted worldwide attention and become a major cause for concern among the industry players and associations in India.

Some of the information security and data privacy challenges that Indian BPOs face include lack of stringent data protection laws, use of portable devices such as laptops by employees to store confidential business information, rising data security costs due to increased employee background checks, training employees in maintaining data security, ensuring compliance with security policies implemented in the company, and systemic plugging of any loopholes through employee activity monitoring procedures.

To ensure that the confidentiality of a client’s information is maintained, BPOs need to implement data security measures, which can be classified into measures taken at the recruitment level and measures taken at the operational level. The Indian government is evaluating the possibility of reviewing the Information Technology Act of 2000 to bring various computer crimes relating to information privacy under its purview. NASSCOM announced plans to establish a self-regulating organization (SRO) to deal with information security issues related with outsourcing to India and introduced the National Skills Registry (NSR). NASSCOM also proposed that the Indian government should establish a special court to speed up the trial process of cases related to information / data security and other cybercrimes booked under the Information Technology Act 2000.

Excerpts >>

Copyright © 2006 Business Insights International. All rights reserved