India cracks down on offshoring data security

India is creating a new regulatory body to improve the level of security for the country's offshore IT services and business process outsourcing (BPO) companies.

The initiative has been spearheaded by IT trade association Nasscom to assuage fears about Indian data security - in the wake of incidents of call centre data theft - and promote the region as the safest place for IT and BPO amid rising competition from other offshoring locations.

Sunil Mehta, VP of Nasscom, told silicon.com: "The key objective of creating the SRO [self-regulatory organisation] is to raise the floor in security and safety standards in Indian outsourcing across the IT industry."

He said data security and privacy concerns have been identified as "the largest barriers to free trade".

The body will set standards for privacy and security, and monitor its members to ensure they adhere to them. If it discovers breaches it will consider a "range of punishments" which could include expelling members or involving law enforcement, according to Mehta.

Training will also be offered to companies that need support in order to be compliant with the security standards.

Nasscom has been working on the initiative for more than a year and has invested $300,000 to launch it. The search is now underway for a CEO, which it hopes to find within six months. Once the CEO is hired, the body will become entirely separate from Nasscom and will be funded by membership fees.

The body will be run by the CEO and a board of members from across the industry and will be open to international companies as well as home-grown ones. Mehta expects many of Nasscom's 1,050 members will want to join and said membership could provide a competitive advantage in winning offshoring business.

This is just one of Nasscom's recent efforts to improve data security and privacy in India. It has been instrumental in improving legislation and providing training for Indian police officers in cyber crime fighting tactics.

Earlier this year it also launched the National Skills Registry to provide accountability for IT employees, which Nasscom says now includes 70 per cent of the IT workforce.