Security & Outsourcing
[Inland Revenue] learned a lesson after one incident, during the previous EDS contract, when its security department found out about cost-saving plans to shut a data centre and move sensitive information to a shared site only after an internal memo was circulated.
A great many operational decisions are security decisions. Knowing what to put into an outsource contract is hard, and I hope that painfully learned lessons get shared quickly.
(Via SecurityFocus Elsewhere.)