Managing Risk and Security in Outsourcing IT Services
Onshore, Offshore and the Cloud
With cloud computing quickly becoming a standard in today’s IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments—requiring a change in how we evaluate risk and protect information, processes, and people.
Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud explains how to address the security risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right risk approach for your organization.
Covering onshore, offshore, and cloud services, it provides concrete examples and illustrative case studies that describe the specifics of what to do and what not to do across a variety of implementation scenarios. This book will be especially helpful to managers challenged with an outsourcing situation—whether preparing for it, living it day to day, or being tasked to safely bring back information systems to the organization.
Many factors can play into the success or failure of an outsourcing initiative. This book not only provides the technical background required, but also the practical information about outsourcing and its mechanics.
By describing and analyzing outsourcing industry processes and technologies, along with their security and privacy impacts, this book provides the fundamental understanding and guidance you need to keep your information, processes, and people secure when IT services are outsourced.
Table of Contents
Outsourcing. The Cloud. Before You Decide to Outsource. Ready to Outsource. Day One and Beyond. When We Part. Outsourcing Anecdotes.
Frank Siepmann is a Security Executive with over 29 years of IT experience. In 1996 he started focusing on IT Security. Mr. Siepmann has been leading security organizations and programs with globally dispersed teams and has been known to challenge the status quo by creating new value propositions. He has spent over 7 years of his career at leading Big-4 consulting companies in executive or senior management roles. During this time and after it he had the opportunity to work with many Fortune 100 companies.
Some of Mr. Siepmann's roles have included Director of Information Security for a $4B business unit, Security Executive (CISO) for the largest outsourcing deal of a Big-4 consulting company and Security Architect for the cloud initiative of a Fortune 10 financial institution. In 2008 he established his own security consulting company, 1SSA, with a focus on providing services to U.S. government entities and commercial companies globally. He has presented at International Security Conferences and has published throughout his whole career.