Home
Topics
IT security
IT risk management
What considerations should be made when outsourcing IT infrastructure?

Ask the Expert

What considerations should be made when outsourcing IT infrastructure?

Peter Wood, network security

What security considerations should be made when outsourcing IT infrastructure, particularly with the network?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

When outsourcing IT infrastructure, the first and most important thing is to ensure the contract requires your outsourcing partner to take security seriously, and will conform to your information security policy and standards (assuming you have them).

If you need an independent set of standards, then ISO/IEC 27002:2005 -- the Code of Practice for Information Security, is a good place to start. The information security guidelines and principles can be used as a checklist to determine the weaknesses in a company's general security posture.

You also need to ensure the contract gives you the right to audit and penetration test the infrastructure, processes and procedures.

If your proposed outsourcing partner is not able to respond proactively when you talk about security and audits, then you may wish to look elsewhere.

Read More

Related content from ComputerWeekly.com
RELATED CONTENT FROM THE TECHTARGET NETWORK

This was first published in May 2009

Back to top

More from Related TechTarget Sites

CIO
Security
Networking
Data Center
Data Management

CIO
- Learning native tongue of your business is key to reviving role of IT
  
  If CIOs are to remain relevant and strategic, they need to teach their IT teams the lingua franca of business.
- It's time to rebrand enterprise IT expertise
  
  As businesses go digital, technology expertise is needed more than ever. The question is how to do that in a way that doesn't alienate the business.
- Data privacy and the 'economy of queasy trust'
  
  This week, Searchlight focuses on data privacy issues including privacy expectations, Google's ironic stance on 'big data' and more.
Security
- Gary McGraw: NSA data collection programs demand discussion, scrutiny
  
  Opinion: Gary McGraw details the various and sundry NSA data collection programs and explains why all its efforts demand new discussion and scrutiny.
- Enterprise BYOD offers mixed bag for enterprise endpoint security
  
  A Gartner analyst says enterprise BYOD -- specifically iOS and Android devices -- presents many pros and cons for enterprise endpoint security.
- Reframing discussions about return on security investment
  
  According to expert Joe Granneman, return on security investment is a misnomer. Here's a better way to view security expenditures.
Networking
- Can your existing tools juggle so many external services?
  
  You need to make sure you have the right tools to effectively monitor so many new externalized services. Expert Henry Svendblad shows you how.
- WLAN vendor Ruckus offers device-agnostic BYOD management
  
  Enterprises need device and operating-system-agnostic BYOD management. Ruckus offers device-agnostic networking software for enterprise WLANs.
- Is it time to consider FCoE adoption in your storage network plan?
  
  Fibre Channel over Ethernet (FCoE) adoption is growing. But is it right for your organization?
Data Center
- Red Hat Open Hybrid Cloud aids private, public cloud management
  
  Hardware, virtualization, public and private cloud are all converging and need to be managed as one environment. Enter Red Hat's Open Hybrid Cloud.
- Mainframe modernization takes on urgency
  
  A Red Hat Summit talk on database and mainframe modernization highlights urgency, need for agility in enterprise development teams.
- AMD microprocessors regroup to fight another day
  
  Intel may win the server war, but AMD microprocessors could find more acceptance in another niche market.
Data Management
- From 4GLs to HTML5 desktop apps: Bringing data to the masses
  
  Advocating wider access to data, speakers at the Information Builders Summit 2013 traced a journey from 4GL tools to HTML5 desktop apps and beyond.
- Enterprise data quality efforts in good company with MDM, governance
  
  Combining data quality initiatives with master data management and data governance programs can help ensure that data remains accurate and consistent.
- Better data quality process begins with business processes, not tools
  
  Efforts to improve data quality should start with procedural changes to help avoid data errors, then the possible addition of data quality software.

All Rights Reserved,Copyright 2000 - 2013, TechTarget