Article Preview
TopSetting The Stage
Rapid diffusion of the Internet while bringing numerous benefits, also demonstrated the urgent need to craft effective information security management practices. The nature of business and the technology intensive workplace provided challenges in implementing a comprehensive information security management practice at WirelessComSoft. As telecommunications industry was very competitive with innovation being the key driver for sustaining competitive advantage, the customers demanded proactive information security practices at WirelessComSoft to prevent any possible IP theft and leakages. The clients often did assessment of information security controls, which as per the Chief Information Officer were more strict and comprehensive compared to even International Standards Organization (ISO)/British Standards (BS) audits. The clients also required elaborate self-assessment documents which created the need for WirelessComSoft to implement a robust information security infrastructure and perform its own security audits periodically. The self-assessment reports often served as eye-openers for WirelessComSoft as it required a re-look at some of the organization’s information security polices, procedures and controls.
From being Bangalore, India centric, WirelessComSoft expanded its geographical reach to deliver global R&D services from its multi-site locations. Teams at WirelessComSoft’s software development centers located at China, Finland, Germany, India (Bangalore, Pune and Chennai) and Mexico collaboratively worked on multi-site projects. The importance of information security became more pronounced when all the different sites were networked together to facilitate such multi-site projects. Figure 1 highlights WirelessComSoft’s global presence.
Figure 1. Global presence of WirelessComSoft
Arora et al. (2009) contended that though IT services contributed to the bulk of off-shore revenue, there was increasing evidence of new product development and innovative R&D services being outsourced to Indian IT companies. Companies such as Microsoft, IBM and SAP Labs were shifting their new product development activities to India. WirelessComSoft, being one of the few Independent Software Vendors in India, catered to such R&D and product development outsourcing activity for Tier-I network manufacturing and semi-conductor companies in the US and Europe, by setting up dedicated Off-shore Development Centers (ODCs) at various locations. WirelessComSoft had to manage the confidentiality, integrity and availability of customer related information in the respective ODCs. The clients were very particular that teams working for them didn’t share vital information outside their ODCs. WirelessComSoft had to ensure and protect the intellectual property of its clients with a highly secure physical and logical IT infrastructure.