Is enterprise IT security strategic?
I have research extensively on IT outsourcing during my honours year and one of the guidelines of selecting what to outsource within an organisation is to outsource stuff that is not in your strategic path (or stuff that you are not competing on) and keep the rest in house.
Today in the news, Proctor & Gamble outsources security to IBM ISS managed services to save money, boost security. In this particular case, should P&G outsource its IT security to IBM? Well, enterprise IT security is not something you cannot really compete on, but you can’t live without it (think of it as payroll within an organisation).
IT security is a sensitive issue. The thought that came to my head shortly after I read the news is an image of a DBA stealing all of the banks customers’ details and somehow I feel that P&G might be giving IBM a chance to do that. I am exaggerating here for sure. But you never know, IBM wouldn’t want something like this to happen for sure but on the flip side, a P&G “DBA” can do the same too, so worrying about this issue is pointless. IBM could boost P&G’s security but giving security to another person is like giving them your house keys to live with you.
What do you think? Or do you think I am just blabbering rubbish here?
Add A Comment