In-Depth

In Offshore Markets, Security Lags, AJaX Leads

Nearly four-fifths of Chinese developers have experienced a security breach of some kind in the last 12 months, while non-U.S. developers are taking the lead with AJaX.

• By Stephen Swoyer
• 10/03/2006

China might well be the next frontier in global outsourcing, but it faces widespread security shortcomings in its own back yard.

That’s the conclusion of new research from development consultancy Evans Data Corp., which—in a survey of more than 400 developers from Eastern Europe, Brazil, China, and India—nearly four-fifths (79 percent) of Chinese respondents confirmed that they had experienced a security breach of some kind over the last 12 months. More to the point, Evans Data researchers said, security incidents in China were typically more serious than those experienced in other emerging markets (e.g., e-mail-borne viruses), with Chinese respondents reporting a large number of network breaches.

Elsewhere, 56 percent of Eastern European developers also reported having experienced a security incident of some kind over the last 12 months. That was significantly higher than the North American norm (38 percent). The implications for potential outsourcers, both here and abroad, are important, Evans Data researchers say.

“We see the information security sector growing rapidly as security threats escalate and dependency on IT systems increases for both multinational and domestic enterprises,” said Evans Data president John Andrews, in a statement. “This rapid growth only heightens the security vulnerabilities that are present as the end to end delivery of IT solutions mature.”

That’s not the only issue. Nearly one-third of developers (29 percent) in those emerging markets cited a pair of long-standing security bugaboos—for example, awareness of (and resistance to) social engineering and compliance with security policy—as their most difficult security challenges, and just under half (42 percent) of North American developers said the same thing. At the same time, the number of respondents who said that they hadn’t t lost information (as a result of a breach) was less in emerging-market countries than in North America.

The Evans Data’s study yielded a few other intriguing nuggets. Take AJaX, the hot new Web-application-development-model-du-jour. According to Evans Data’s survey of North American developers, just under 18 percent are working with AJaX. For the most part (with the exception of China, where just over 16 percent of developers use it), AJaX adoption in emerging countries easily surpasses that of North America.

In Brazil, for example, one-quarter of developers use the technology. “While we see strong adoption of AJAX globally, our latest research indicates the developer community in the emerging markets is embracing this programming model most aggressively,” Andrews said. “Given that these developers are spending a majority of their time developing Web applications, we only see this trend continuing.”

Elsewhere, Evans Data found, 42 percent of developers in those emerging markets are working with Flash—an adoption rate that’s considerably higher than in North America.

Meanwhile, developers in all regions expect to make more use of Linux as an embedded operating system. China is most enthusiastic about embedded Linux, with 39 percent of developers there projecting growth, while Eastern European programmers are less receptive. Not surprisingly, 90 percent of developers in emerging markets use Windows as the primary platform on which they host development.