The rising costs of operations and technology continue to drive the off-shoring of software and business services to captive and third-party vendors. In the quest for greater operational efficiency and consequently, profitability, more businesses are exploring the possibilities of outsourcing to countries such as India and China. The task of moving work to another country is often an arduous one and technology and IT infrastructure are often the first and most hastily off-shored component of a software or business process. A company’s IT team needs to contend with a new set of system administrators and users who are unfamiliar with the protocols for IT management that are unique to the company. It is during this time that effective security event log management and event log monitoring become a challenge.
The Challenge of Logs in an Offshore Transition
The first challenge of outsourcing IT and business processes from one country to another is the stringent timeline demanded by the outsourcer and the vendor. While vendors do their utmost to have qualified and capable personnel to manage the technology transition, in most cases, the short timelines of the transition place the greatest pressure on both technology teams. A client expects business as usual and no impact on operations — especially customer-facing operations. A vendor expects sufficient time to transition, train and empower its employees to meet the service levels specified by the client.
One of the most challenging aspects of a transition is the effective management of logs by an offshore team. While cloud applications come in handy in offshore businesses, activities that transpire within the business may still need proper documentation. And the lack of a structured knowledge transfer and short transition timelines delay the vendor team’s understanding of past security events and the solutions available to handle them. Improper log storage is also a significant security risk. An ineffective review of security logs, application logs, firewall logs, server logs and IDS logs may result in a failure to identify an attack at the right time and consequently, place the operations at risk. Log files may be lost and represent a risk at the time of a review or an audit. Compliance is an important part of an offshore operation and it is vital to have easily decipherable reports available throughout the transition.
Meeting the Challenges
For several years now, there has been a concerted effort to meet these challenges through automation and the implementation of practices that ensure effective log management. State-of-the-art event and log monitoring software enable onsite system administrators to designate and provide appropriate control over logs to their offshore counterparts while retaining full control over the logs. The Log & Event Manager gives a System Administrator (SA) the power to transfer knowledge easily while training the offshore team on the identification of network and security incidents. LEM’s automated reports help administrators ensure compliance and train an offshore team in the analysis and management of security events.
With the right tools and effective security and network management process, IT transitions can be made easier or both the outsourcing client and the vendor.