
	Home > Ask the Information Security Experts > Network security threat management Questions & Answers > What considerations should be made when outsourcing IT infrastructure?

Ask The Security UK Expert: Questions & Answers

EMAIL THIS

What considerations should be made when outsourcing IT infrastructure?

QUESTION:
What security considerations should be made when outsourcing IT infrastructure, particularly with the network?

RELATED CONTENT

	Network security threat management
	Is it enough to analyse log files, or is an IDS necessary?
	What to look for in a network security audit
	How to address a spike in TCP and UDP flows
	How secure are extended validation SSL certificates?
	What should happen to users and devices that fail NAC policies?
	When to use a unified threat management system
	Cloud computing network security best practices
	When IT security costs are cut, which security product is a must?
	When running Wireshark, will adding a switch stop packet sniffing?
	How to enable a local keyboard after an RDP connection

IT Security Frameworks and Standards

How to develop a culture of security in the enterprise

ICO issues draft guidelines for personal information online

Using a privacy impact assessment template for DPA compliance

Benefits of ISO 27001 and ISO 27002 certification for your enterprise

How to write an information security policy

The elements of a compliance-oriented architecture

New products aim to streamline compliance efforts

A helpful BSI data protection standard for DPA compliance

How project management maturity models can reveal security strength

Consider a compliance-driven security framework

Information Security Risk Assessment: Methodology and Analysis

Are you too small for an email retention and archiving policy?

Improving software with the Building Security in Maturity Model (BSIMM)

Encryption basics: How asymmetric and symmetric encryption works

Getting the most out of the gap analysis process

Jericho Forum to provide customers with good security questions to ask

A guide to internal and external network security auditing

Insider threat detection still a challenge for employers

Get more out of your security event log data

Secure cloud computing: a contradiction in terms?

Report: U.K. lags in information security management practices

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

Financial Services Authority (SearchSecurityUK.com)

IISP (Institute of Information Security Professionals) (SearchSecurityUK.com)

ISO 27001 (SearchSecurityUK.com)

Jericho Forum (SearchSecurityUK.com)

UK Identity Cards Act (SearchSecurityUK.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Peter Wood EXPERT RESPONSE FROM: Peter Wood

Pose a Question

Other Security UK Categories

Meet all Security UK Experts

Become an Expert for this site

ANSWERED May 2009:
When outsourcing IT infrastructure, the first and most important thing is to ensure the contract requires your outsourcing partner to take security seriously, and will conform to your information security policy and standards (assuming you have them).

If you need an independent set of standards, then ISO/IEC 27002:2005 -- the Code of Practice for Information Security, is a good place to start. The information security guidelines and principles can be used as a checklist to determine the weaknesses in a company's general security posture.

You also need to ensure the contract gives you the right to audit and penetration test the infrastructure, processes and procedures.

If your proposed outsourcing partner is not able to respond proactively when you talk about security and audits, then you may wish to look elsewhere.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Access Management: Authentication, Biometrics, Password Security

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2008 - 2010, TechTarget \| Read our Privacy Policy