Most BPOs have failed to upgrade technology to secure data: Survey
Majority of the Business Process Outsourcing (BPO) firms and corporate houses in the city dealing with bank accounts and other sensitive information of their clients are unable to checkindia Updated: May 18, 2011 00:31 IST
Majority of the Business Process Outsourcing (BPO) firms and corporate houses in the city dealing with bank accounts and other sensitive information of their clients are unable to check
the growing threat of data security breach, a survey has revealed.
According to the Information Technology (IT) Security Vulnerability Assessment carried out with a sample of 30 well-known BPOs in Gurgaon, majority of firms have failed to upgrade their technologies to ensure the security of their clients' data.
The study which was conducted in the last three months found that 80% of the respondents, who were chief technology officers (CTOs) and chief executive officers (CEOs) of leading firms, admitted that security measures adopted by their companies would become outdated in two years while 20% said their method will not be effective in checking data theft in less than a year.
Farha Diba Kapoor, the CTO of Activas that conducted the study said: "In the last three months alone we've conducted four audits in fair-sized BPOs. Though BPOs (and most corporates) are well aware of compliance requirements and they do have much in place, yet there is a huge need for regular vulnerability audits as the threat of security breach is growing with each passing day."
All the respondents have agreed that employees understand the possible legal repercussions on the company and its individuals in case a crime is committed but most of them are unaware of its magnitude in terms of loss of business or brand image.
The study also revealed that 90% of security breaches take place due to internal transgression and only 10% due to external factor. "Most of the companies do not feel the need to educate their staff about such audits and the subject itself. This leaves companies highly exposed to possible legal liabilities and litigation. What is surprising is the fact that many companies are not well insured against such threats. I would suggest company wide internal communications to be as important as periodic technology audits," she added.