Despite the benefits of time and money savings that outsourcing supposedly provides, the outsourcing debate continues on. Of late, perhaps the most worrisome factor regarding outsourcing is security risk, which is creating a great deal of fear and doubt among many firms when signing such contracts.

For all of the time and money outsourcing supposedly saves, it’s still creating a lot of doubt and worry among outsourcing watch dogs. Security risks seem to be the culprit du jour lately, scaring many firms into signing more conservative outsourcing contracts.

As it relates to security risk, the Outsourcing Times serves up some outstanding points in a piece published last year:

A critical area of consideration for any organization looking for an outsourcing partner is the level of security that the partner can provide for its data. This consideration should not be lost sight of in the search for the service level and cost effectiveness of the venture. It is important to clearly define the security objectives in the agreement, and provide for enforcement of provisions for any breach of security.

When hashing out outsourcing agreements of any type, one would think that seasoned executives would be on the ball when it comes to security support. In reality, they’re behind the eight ball as this disturbing news item from Sci-tech Today points out:

As a result of growing concerns over security at foreign call centers, U.S. companies that engage in so-called business-process outsourcing, or BPO, continue to wrestle with the ultimate question about shipping services overseas: Is it worth the risk?

Then, further down the article:

According to John C. McCarthy, vice president for research at Forrester, some outsourcing providers forgo background checks of employees and even help applicants dress up their resumes. In one security breach last year, three former employees of MphasiS, a company providing outsourcing services, were arrested for stealing more than $350,000 from four customers of Citibank. The workers were accused of acquiring passwords and transferring money from customers’ bank accounts into their own.

In the past, businesses might have been more willing to roll the dice on whether or not their security would be breached through an outsourcing partner. Today, the dynamics of the security gamble are beginning to change very rapidly, according to McCarthy, who surveyed 91 U.S.-based I.T. companies and found that, of those that were actively investigating or using offshore call centers and customer-service providers, nearly two-thirds of them were either cutting back on their contracts or taking a closer look at the vendors’ security practices.

A recent Booz Allen survey also found that execs are kept awake at night thinking about security breaches to their outsourcing infrastructures. Out of 158 U.S.-based senior executives, information security is one of the top three most important factors in selecting an outsourcing partner, chosen by 50 percent of respondents, ahead of financial strength, business stability, and reputation. Another kicker: 85 percent of respondents said they may be willing to pay 10 percent — 15 percent more to be ensured of superior security.

“The outsourcing industry is at a crossroads,” said Booz Allen Vice President Vinay Couto. “As security concerns rise, the industry needs to establish security capabilities that restore the trust of outsourcing customers and provide them with the information they need to make good decisions.”

The report also brings to light concerns about cyber crime, customer data theft and network security issues:

• Nearly 70 percent of respondents reported reviewing their outsourcing strategy in response to hearing of recent high profile cyber crime incidents.

• Half of all respondents are skeptical of the security claims by outsourcing providers — 30 percent of respondents find security capability claims impossible to verify, and 20 percent find provider security claims not credible.

• 91 percent were somewhat or very concerned about data theft or misuse.

Says Booz Allen principal Jim Newfrock: “The industry is now mature enough to benefit from public-private partnerships to alleviate some legitimate security issues and close the perception gap among outsourcers.”

So let’s do that.