Equipping BPOs is a heavy lift for enterprise IT and security teams. We need a radical change in approach

Nowadays, most any business function — customer contact centers, data analysis, software development, finance, payroll, and more — can be outsourced.


Equipping BPOs is a heavy lift for enterprise IT and security teams. We need a radical change in approach

Nowadays, most any business function — customer contact centers, data analysis, software development, finance, payroll, and more — can be outsourced. Cost-cutting remains a major driver, but companies also like the potential to build more resilient and agile organizations. There are plenty of benefits, ranging from the ability to tap specialized talent, to minimizing fixed expenses, to responding more quickly to shifts in the market.

But this increasing reliance on outsourcing has serious implications for CIOs and their IT and security teams who have to navigate a plethora of thorny tradeoffs in their efforts to make these remote contractors productive. And do so while protecting sensitive or confidential enterprise data from being leaked, stolen, or otherwise compromised.

Negotiations, tradeoffs and sacrifices

Business Process Outsourcing, or BPO, is a huge and growing trend. A recent report by Grand View Research found that the global BPO market reached a value of $261.9 billion in 2022, and projects it doubling to $525.2 billion by 2030.

The overriding objective for most CIOs when onboarding a BPO is to make those workers as productive as possible so the company can realize the intended ROI of the partnership as quickly as possible.

But cyber security, privacy, and data protection risks are inherent in these kinds of relationships. BPOs are attractive targets for cyber criminals, who see the opportunity to steal a motherlode of valuable information by targeting a single BPO and pivoting to breach its many customers. What’s more, the BPO’s computers and mobile devices are typically not managed by the organization, so it is impossible to ensure the integrity of every endpoint and guarantee the BPO’s overall security posture is up to snuff.

These risks spawn a series of questions, conversations, and negotiations about how to set things up for success.

Are we going to procure and ship them devices? Who’s going to pay? Configure and manage? (Buying and servicing devices for a 5,000-worker contact center adds up quickly!) Should they use their own devices? If so, should we install our VPN client? Or implement virtual desktop infrastructure?

There was a time when the legacy solutions to these challenges were the best choice to deliver a flexible workspace and enforce security for BPOs. But with the powerful alternatives available today, every traditional path now forces unpalatable tradeoffs in either worker productivity or security.

VPNs? They slow down internet connections and are complex to set up and manage. That can lead to configuration errors, lost productivity, and security vulnerabilities.

Endpoint agents? Not easy to deploy to every device. And they come with their own management overhead, compatibility issues, privacy concerns, etc.

And then there’s virtual desktop infrastructure (VDI) solutions. VDI is effective at reducing some of the risk, but might be one of the most cumbersome technologies in the modern enterprise stack, for both the end-user and IT administrators. Setting aside the extremely high cost of VDI, latency alone can be a merciless productivity killer. Picture a contact center worker drumming their fingers as they wait for seconds or longer to access a virtual desktop running in the cloud halfway across the world. Throw in some video or VoIP, and the session quickly becomes intolerable for the contact center worker and the customer they are trying to help.

Without that added latency, how much more quickly could the support rep resolve an issue? How many more support calls might that rep make or field if they had a fast and safe work environment? And how much more satisfied might the customers be on the other end of those calls?

VDI may be the most glaring example of a “least bad” solution the enterprise has been forced to accept as it strives to balance productivity and security. In the interest of stronger data controls, we accept suboptimal productivity and an atrocious user experience.

Changing how we solve problems

When it comes to equipping BPOs — or any third-party contractors — with the tech to do their jobs, friction and tradeoffs have been the norm. Clearly, something has to change. BPOs are on the rise and cyber criminals are not going to relent. Enterprises have a lot to lose.

These are problems that many in the industry feel destined to fight forever. To contemplate an “Infinity War” — one without a real-life Tony Stark to save the day — can at times feel dispiriting.

Enterprises genuinely need breakthrough thinking that can end the tradeoffs. Island’s Enterprise Browser is that breakthrough.

Bob Schuetter — a well-regarded CISO who’s been recognized as a top 25 Global CISO by Gartner and a top 100 CISO by Cyber Defense Magazine — talked about this in a podcast.

“It’s very difficult to defend your cloud by pushing out agents or controls on all the devices reaching into your cloud,” said Schuetter. “But it’s easy to push out a web browser. And once your enterprise browser is on their device, then and only then can they reach your cloud. You can basically contain the data in the browser. This can solve a lot of problems we’ve been trying to solve forever, in very unique ways.”

Schuetter elaborated that enterprise browsers combine the endpoint and the network in a single spot, delivering pervasive visibility and controls in the last mile. “It’s the final piece of the secure edge vision.”

Where and how enterprise employees and contractors work have changed forever. As Schuetter underscored, we need entirely new ways — like enterprise browsers — to solve the new problems that arose from this shift. “VDI can get really disrupted,” he noted.

In an era of pervasive BPO and remote work, we need to fundamentally change how we approach these problems. Island’s Enterprise Browser represents that change, providing a gateway into corporate applications, but fully governed, fully controlled and with a natural experience for workers. The Enterprise Browser brings the era of security versus productivity tradeoffs to an end. To learn more about the Island Enterprise Browser and how it can keep contractors productive while keeping your data secure, please visit https://www.island.io/solutions/3rd-party-contractors

About Author

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.