Real problems with outsourcing IT who does the contractor work for?
While the U.S. Government has been remarkably opaque about the recently discovered security breach at the Office of Personnel Management (OPM), we know that personal information on at least 21.5 million present, former, and prospective federal employees was lost. The Feds claim Chinese hackers are at the bottom of it, which is disputed by the Chinese government. This, to me, raises a number of questions, especially about the possible role of IT outsourcing firms and implications for organizations beyond OPM. Does IT outsourcing make your data more vulnerable? Yes, I believe it does.
Its easy to blame the Office of Personnel Management for its own troubles. Oversight was lax. The agency failed a security audit and didnt seem to do much in response. When shit hit the fan and it became clear that the identity of almost every living person associated in any way with Federal employment had been compromised, the agency lamely offered 18 months of identity theft screening but then didnt have the money to pay for it. Pathetic. Both the Obama Administration and Congress are to blame, the former for mismanagement and the latter for starving the beast by limiting the OPM budget, pushing the agency toward cost-saving decisions that at least to some extent led to the current crisis.
http://www.cringely.com/2015/07/30/who-is-your-it-outsourcing-firm-working-for/