Hello. My name is Carl Weinschenk. I am a contributing writer to TechRepublic. I am doing a story on in-house versus outsourced security. I have some related questions that I would appreciate feedback on:
The rationale behind outsourcing is that security is very complex and needs real time 24/7/365 attention. If this is so, what procedures can an IT staff take to ensure that the security firm is a.) honest itself and b.) giving the enterprise the best possible service?
What other dangersare there in giving up control of something so vital?
How do these issues stack up against the headaches of creating and maintaining an in house department?
Thanks
