Outsourcing and Security

Posted by on Nov 12, 2019 in Uncategorized | 0 comments

Many companies partner with or even rely on outside entities in some aspects of their business or as important parts of certain processes and functions. One example that comes to mind is how the United States Postal Service (USPS) and United Parcel Service (UPS) work together in order to transport some mail and packages to specific regions, customers or businesses. This helps to ensure faster shipping and guaranteed delivery of particular items when one service needs the resources of the other (Steiner, 2019). With this type of example in mind, it goes without saying that when businesses or entities collaborate, an exchange of information and data will take place at some point. How much and on what level depends on the type of business and the relationship. It could be information on some of the processes, operations or just general use of data that needs to be handled by both (or all) parties that are working together. In the case of something like a third-party vendor, that vendor may need access to secure systems, applications and information that a company uses, processes or produces.

There are a few pros and cons in this type of situation. On the plus side, outsourcing certain functions might give a slight advantage in that the company or vendor brought on board will specialize in what they do and have a level of expertise that the original company may not have. Also, larger businesses can perfect the big picture and reach goals by having dedicated departments or specialists that can more carefully focus on different aspects. Lastly, businesses can use their vendor and professional relationships to continue to develop and improve security policies. When a company understands that their reputation, product or service quality, etc., is on the line regardless of whether they handle it directly or through a third-party, they can work to ensure that the proper protocols and standards remain in place. If changes need to be made, they can monitor progress and continue to make improvements. On the other hand, there come certain risks and concerns. The first is that in dealing with an outside entity, each set of standards and procedures will differ. In most cases, companies adapt and compromise in order to work together and ensure smooth operations but there is still room for errors and unforeseen incidents that may be out of the hands of either party. This can sometimes be due to the fact that not all information is shared, known or even understood by both parties. On that same note, one such area of issue could be security and information sharing. If there is a security event on either side, it effects and puts both sides at risk. Things like breaches, data loss, hacks, systems malfunctions and process failures all create risks that can lead to even bigger issues.

While all security risks cannot be eliminated, businesses can do what they can to decrease chances of being affected, or at least try to prepare in case of an event. Communication is going to be a major key. Equally important will be establishing proper protocols and standards, ensuring they are clear and well-understood and strictly enforced. In the case of a breach, information is critical so that each party understands what needs to be done in order to prevent further damage. There may be some instances where a business will need to consider terminating a relationship and discontinuing the services of an outside resource.

References

Kim, D., President and Chief Security Officer Security Evolutions Inc Fairfax Virginia David Kim, & Solomon, M. G. (2013). Fundamentals of Information Systems Security. Burlington, MA: Jones & Bartlett Publishers.

UPS Is Moving to 7-Day Delivery with the Help of USPS. (2019, July 23). Retrieved from https://www.ecommercebytes.com/2019/07/23/ups-is-moving-to-7-day-delivery-with-the-help-of-usps/

Leave a Reply

Your email address will not be published. Required fields are marked *