A recent article in The Economist questions whether it is safe and secure to trust a company’s computer network to a Chinese company. The specific concern in that The Economist article related to “a Chinese company with connections to the Chinese government and the People’s Liberation Army (PLA)” that would be providing services inside the corporate firewall. An unnamed former member of the U.S. Joint Chief of Staffs minced no words about this: “We’d be crazy to let [that Chinese company] on our networks, just crazy!”
Assuming that these fears are justified, what do you do if you can’t avoid (or don’t know if you can avoid) working with Chinese companies on sensitive matters? Not all of us (or our businesses) can “travel light” everywhere, all the time. But in an increasingly inter-networked world, how can you rely on your business partners to do the same level of diligence that you would? in the short term, your contracts are a good place to start: check for clauses providing indemnification and permitting auditing, and engage in serious discussions about security all around.
In the longer term, we may have to hope that enlightened self-interest yields more emphasis on business integrity from China, as this article suggests is happening. This may be just a hope, as similar hopes have existed for respect for improving protection for human rights and intellectual property.