Hmmm,


This is kind of proof that this is an opinion piece..... The speed these worms travel now I'm really wondering how the outsourced staff are going to have any more time than anyone else
I can relate to that, I wish I had £1 for every self-styled industry pundit who touts his company's services

I think that it all boils down to what you mean by "outsourcing". Over here if you outsource a business area the outsourcing company is obliged to take on all your existing staff at their current terms and conditions, or you have to find them mutually acceptable alternative employment. So you lose control with no financial gain. All you are doing is moving overheads costs elsewhere in the budget.

In the case of hardware support, employing an external supplier is a very viable proposition. With security it is a different question, just like development. Sure you employ contractors or consultants, because knowlegable individuals are hard to find and keep, and the workload is not constant. This isn't really "outsourcing" in the true sense, and seems to be cacosapo's role.

Yes, I have seen a growth in the use of external agencies to filter the e-mail side of IT, but that is a quite specialist function, and it is difficult for a small to medium operation to match their service internally. The logic is a bit like using DHL rather than running your own transport fleet. You are effectively sharing the costs of a much more sophisticated operation with other customers.

In economic theory it is the advantage of specialisation and economies of scale.

I think that Tiger~ has it when he points out that malware travels so quickly these days that the outsourcers have no more chance of stopping it than internal staff. In fact, they probably have less chance as they have to keep their staffing down to make profits and cannot pull people from other duties, so they have no flexibility.

I have had experience of ousourcing, and none of it has been good. In the old days when we were rolling out a new product it was a relatively simple matter to get the infrastructure, network, and hardware support guys to "re-prioritise"; as soon as they were outsourced it was all SLAs (service level agreements), and meeting their SLA took priority.............I even had to go crawling to the users to borrow some of their software engineers (one of the advantages of working in high-tech armaments).

By all means sub-contract your hardware support and e-mail filtering, as you will probably get a better job done at a lower cost. Otherwise stick to employing consultants, contractors and external auditors. That way you retain control as you have merely agreed with and external provider to supply an individual with a certain skillset for a certain period, with agreed responsibilities at an agreed price. The difference between that and outsourcing is that you retain control.

Just my thoughts