http://www.indiainfoline.com/news/innernews.asp?storyId=17059&lmn=1 India Infoline News Service Mumbai Oct 06, 2006 We have no further update from them (Channel 4) on their intent to share the details: NASSCOM UK-based Channel 4s sting operation, a year long effort to locate security lapses in the call center industry has caused a flutter and (National Association of Software and Services (NASSCOM) sought evidence behind the report and co-operate fully and wholeheartedly. This would have enabled prompt action against the alleged criminals. But Dispatches refused to provide that information, prior to airing of the programme. We have no further update from them on their intent to share the details of persons shown in the program who have "sold'' the data to Channel 4. However, we will pursue it further to ensure that criminals, if any, are rightly taken to the concerned authorities, said Kiran Karnik, President, NASSCOM. Karnik added, We take any alleged breach of security extremely seriously. The fact that there was no suggestion of customers suffering financial loss in Dispatches' report does not diminish the priority we give to all security issues. An investigation by the Indian police is already well underway and we call upon Dispatches' full and complete cooperation with their inquiries. NASSCOM has filed a complaint on behalf of the IT industry and the Criminal Investigation Department of the West Bengal Police has registered an FIR and started investigations under the Criminal Procedure Code. The Police have confirmed that Sushant Chandak's residence in Kolkata was also searched on Wednesday evening, the entire family is missing. The authorities are in the process of locating Sushant Chandak and gathering evidence relating to the allegations. The NASSCOM President added, The Dispatches programme made it clear that data security is an international issue that is not unique to any one country. In India we are seeking to lead the way to even more stringent security standards. Earlier Karnik had expressed concern about the verifiability of such operations, especially due to monetary inducements. He said, "These operations sometimes go beyond uncovering wrongdoing and actually induce criminal activity that is then recorded and aired. Taking all possible steps to prevent such unpleasant corporate occurrences, NASSCOM is determined to ensure: * Setting up a national registry of employees in the IT software and services * Training enforcement officials and creating awareness in the judiciary in India on cyber crimes, also conducting Cyber Safety Weeks for consumer awareness * Establishing a Self-Regulatory Organization * Working closely with the Indian Government to evolve amendments to India's already-tight laws to ensure the globally best cyber environment, the final changes of which have been incorporated, and is likely to be placed before the Parliament during the Winter session Following a recent investigation of call centre's in India, the UK's Banking Codes Standards Board reported: "Customer data (in India) is subject to the same level of security as in the UK. High risk and more complex processes are subject to higher levels of scrutiny than similar activities onshore... A separate recent report by the UK's Financial Services Authority noted that "There is no evidence to suggest consumer data is at greater risk in India than in the UK." Ahead of these developments the National Association of Outsourcing (NAO) has commented on the issue, stating that the breaches reported by the Dispatches are unrefutable but the organization is aware of how seriously the Indian industry broaches the issue of data protection and security. NAO that is in close conjunction with Indian trade bodies and the Indian Government, maintains that some people actively enticed by financial gains and have been tempted to break the law and their companys code of conduct. The UK-based association has identified key issues of data security that UK companies must bear in mind when they offshore to other countries. The top most pointer holds that Indian employees are no less errant that than employees in the UK or anywhere else and it is impossible to ensure that every employee is 100% trustworthy. On the management front, NOA holds that companies err in thinking that offshored units require minimal management, while actually the reverse is true. Increased distance calls for increased management to ensure adherence to company procedures in every location. The association states that Indian call centre employees are more vulnerable as they are paid much lesser than employees in UK. But call centre security are air tight as there is not only physical security but also the following of standards like BS7799 to ensure that good operating procedures are in place. Call centre employees only have access to information they need and do not have the technology at their fingertips to copy or send this information to unauthorised sources. The organisation not only communicates potential problems but also has best practise guides that advice companies to understand the business reasons behind outsourcing and the outcomes wanted or not wanted and precautions that can be taken to ensure no leakage of customer information. Among this entire upbeat, hissing in the youth centric industry, a very different view comes from the President of the Call Centre Association of India, Sam Chopra. "Frauds in the Indian BPO industry account for a fraction of a per cent of data theft. Data security is a matter of concern, however, such cases exist in minuscule numbers across all industries and any generalization on the entire industry based on a particular incident would be unfair, said Chopra. He also mentioned that unless concerned companies are named, no action can be taken. _________________________________ Donate online for the Ron Santo Walk to Cure Diabetes! http://www.c4i.org/ethan.html
This archive was generated by hypermail 2.1.3 : Mon Oct 09 2006 - 05:45:19 PDT