International and Domestic Customer Data Security - Different Yardsticks!!
A recent Forrester study of Indian IT firms has reported that 80% of the surveyed firms, are focusing on Information Security as a priority.
Clearly Indian firms are keen to portray the country as a safe destination for international business.
Some recent high profile incidents involving a spectrum of Information Security related crime, from code theft to credit card theft, have provided fuel to the anti-outsourcing lobbies in the US and the rest of the western world. Indian IT firms however seem quick to respond to the challenge of making business secure not just from the purely technological perspective but also to ensure compliance with tougher and tougher privacy and data protection laws.
On the flip side, I am awaiting a study of how Indian businesses measure up when it comes to protecting the data of domestic customers. I doubt they would measure up at all. Indian businesses seem to have different yardsticks when it comes to data protection matters for citizens of the US and the EU, and those of India. Slack data protection for domestic customers is more a rule than an exception.
Of course, the reason for this is that the UK and the EU have strict data protection laws and individuals of these countries value their privacy highly. I am not aware of Indian laws addressing these issues at all. More importantly, Indians do not seem to be so concerned about their data and their privacy. I wonder if this due to lack of awareness or more a matter of culture. I would suspect its the latter. I will not dwell on this aspect though.
Data protection is required in India. It is time citizens understood that Information Security is not just firewalls and passwords. It is also about privacy and a whole gamut of other issues. If not for any other reason, Indian citizens need data protection to make sure they don't have people calling them at odd hours asking if they want to buy Himesh and crazy frog ring tones.
Self regulation as advocated by some who's who in Indian IT wont work. The only way this can be enforced is by legislation.
- shrichris's blog
- Login or register to post comments
irritating
many times I'm appalled at the calls I get...
even more irritating is when these business people know so much of info about me... recently I got a mail to my official mail ID from some HR agency calling for jobs with the exact skills I have and for the exact domain I am working in which really shook me... I am trying to figure out how the other company got my profile.. I've never ever posted my resume in its high time such a law is enacted in India...
but the cynic in me feels that this law will go the way of many other laws.. existence but no relevance.. the reason being that serious issues relating to information security apply only to a small minority of the population...
comment
Perhaps the issue is of a much grander scale.
products for european/american countries appear to be of better quality - this includes cars (tata indica..), clothes, processed/packaged food... now, of course this is because of tougher requirements by both the industry and of the general public - but this only explains why the stuff outside is good, not why the stuff inside is consistently of not the same quality - you blame it (IMO rightly) on an absence of both policy and general public expectation within the country.
bottom line: the indian industry is acting like any modern (capitalist) industry - if it doesn't increase your profits, and it is not forced on you, don't do it.
The question then turns to this: Are the present day business ethics right? I am sure everyone has a categorical answer (either way) for this. It is incumbent on those who answer in the negative (the list includes me) to give an economically viable alternative set(s) of business ethics.