As data breach litigation continues to increase, companies need to worry about a new point of vulnerability - overseas employees. Many large companies outsource customer services to India and other low-cost providers to take advantage of lower wages. However, this same advantage can create a risk that those employees will provide data, or access, to bad actors in exchange for bribes.
Other laws, including the Foreign Corrupt Practices Act (FCPA), prohibits bribery of foreign officials by American companies and their agents. Companies must comply with regulations that prohibit employees from paying fees related to obtaining labor certification or employment, including bribes. However, it is not clear whether any courts have addressed a company's duty to avoid bribable employees in the context of data security. Companies need to consider this risk in addition to the more traditional risks of phishing, phishing, ransomware, denial-of-service (DoS) attacks, man-in-the-middle (MitM) attacks, SQL injection, cross-site scripting (XSS), zero-day exploits, and brute force attacks. Obtaining or reviewing Cyber-Insurance policies to determine coverage for these risks is also prudent.
salaries in India are not high – often between $500 and $700 a month. Due to low salaries, some workers in India were persuaded to hand over confidential customer records in exchange for bribes.
www.hindustantimes.com/...
[View source.]
