What considerations should be made when outsourcing IT infrastructure?

Ask the Expert

What considerations should be made when outsourcing IT infrastructure?

What security considerations should be made when outsourcing IT infrastructure, particularly with the network?

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
  • By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

  • Safe Harbor

When outsourcing IT infrastructure, the first and most important thing is to ensure the contract requires your outsourcing partner to take security seriously, and will conform to your information security policy and standards (assuming you have them).

If you need an independent set of standards, then ISO/IEC 27002:2005 -- the Code of Practice for Information Security, is a good place to start. The information security guidelines and principles can be used as a checklist to determine the weaknesses in a company's general security posture.

You also need to ensure the contract gives you the right to audit and penetration test the infrastructure, processes and procedures.

If your proposed outsourcing partner is not able to respond proactively when you talk about security and audits, then you may wish to look elsewhere.

This was first published in May 2009


COMMENTS powered by Disqus  //  Commenting policy