outsourcing-datenschutz

IT outsourcing: five privacy tips for virtual teams

IT outsourcing is a big trend, especially in countries like Germany with high salary costs. By implementing complete IT projects in India and other countries with low salary levels, the normally high development costs can be significantly reduced.

However, companies also like to strengthen existing local teams with individual experts. Companies with development departments spread across several locations can easily integrate a virtual team member with online collaboration tools. They are used to working over distance and can easily take part in important team meetings with colleagues on other continents thanks to broadband connections and professional video conference technology. The Scrum/Agile methodology which is popular all over the world will ensure clear distribution of tasks and communication.

Data protection is often neglected

In virtually managed projects data security is all too often neglected. If you use IT outsourcing with offshore providers, you should definitely keep the following points in mind.

The most important step is to sign a non-disclosure agreement (NDA) at the conclusion of the contract. Let the NDA contractually guarantee the confidentiality of all your sensitive data with your outsourcing partner. In addition to the legal aspect, it will make it clear that the confidential handling of your data is important to you.

This is especially true for complex projects, when you allow access to your own server or team accounts in the cloud to external partners. Pay attention to rights management, which lets you set exactly what data is shared with whom. Setting up separate user accounts that can be deleted after the end of the collaboration is a must. For this reason, access data that is shared by multiple employees should never be shared.

Your employees will also share manual data with the external partners or employees. Before and during collaboration, create guidelines on what can be shared, how and in what medium.

Use encrypted connections, encrypted files and password-protected accounts for all shared data, no matter through what medium or service; the encryption function built in to Microsoft Office or ZIP compressor is an easy way to ensure high levels of data protection – even if other aspects are neglected. If the computer or files fall into the wrong hands, then this method will protect them from unauthorised access.

You should also make sure that you choose and specify exactly which external services should be used for data exchange. Not all popular online services are equally trusted, as you can see from the increasing amount of hacked and ultimately leaked user accounts. The passwords used for these services should be up to date with modern security standards.

Trust is good – control is better

If you keep all these points in mind, then you have already achieved a lot. As a manager or team lead you should not automatically trust that your employees or outsourcing partners will follow them.

The better you communicate the importance of data protection internally, and take decisive action, the higher the level of data security you will reach. An unclear email is worse than a team meeting in which you can talk through all the points and make your individual stance clear. And you can perhaps take over the managing of the accounts and access rights, or transfer them to a security office or administrator.

You can’t really do this with regards to the outsourcing partner, and therefore you will need to choose the right professional and reputable provider.

outsourcing4work can help you here. We are specialised in the procurement of reliable and excellently educated outsourcing professionals, and, as your contract partner, we will take over the responsibility of proper implementation. We will keep an eye on all activities with our own Scrum/Agile project managers, and will ensure that your project is realised exactly as you want it to be.