Gartner, Inc. has released information from its Gartner Maverick Research about the security of IT and the global supply chain in the near future. This is an important topic, and I have asked Mike Kavis, vice president, Inmar Digital Promotion Services, and our resident cloud expert, about these concerns; we share Gartner's concern with security-related issues for the future of supply chain and all software for that matter.
A company's need to shift to building platforms is a key strategy for protecting customers, partners, shareholders, and infrastructure from security attacks. A shift to platforms means a shift away from building silo type applications. Silo applications create huge security risks because services like authentication, user access, patching, encryption, and intrusion detection end up being solved in a number of different ways (if they are even solved at all) and often can't get the necessary priority for updates as the application development teams are charged with building revenue generating enhancements.
Building platforms will allow companies to centralize security, ID management, and monitoring and deliver those services to all of the applications that leverage the platform in a consistent, manageable, and auditable manner. The other advantage of platforms is access to platforms is only permitted through standard APIs. This allows limited points of entry into a network and the ability to closely monitor who is trying to gain access and from where. This approach is similar to the security door and badge approach that most corporations implement within their buildings. If there are only one or two doors to watch, and you can only get in those doors with a badge or by signing in at the front desk, your risk is much lower than if you had 20 doors and nobody monitoring them.
While no one would buy a car these days without air bags and other safety measures, software buyers do not always consider proper safety measures when buying solutions. Buyers of IT supply chain services should demand that their vendors can pass security and privacy audits. Experience also plays a large part in a company's ability to securely handle their customers' data.
Software buyers often get star struck by vendors' well-designed power point slides or a flashy web page, but the smart buyer will look behind the curtain. As attractive as a web page may be, the heart and soul of supply chain software is the transaction processing, the business rules, and the underlying work flow. The engineering required behind the scenes needs to be scalable to process millions and millions of transactions. and each one of those transactions must be secure, meet regulatory constraints, and be auditable.
As we move towards 2017, the complexity of supply chain business models will create new security challenges for vendors. The need to invest in platforms and look for partners with a long track record of processing huge volumes of transactions is a key to purchasing software success. Ask to see your vendor's audit reports and choose a partner that will help simplify your security challenges so you can focus on your goals like driving up revenue.
Vice President, Inmar Digital Promotion Services
I hope you enjoyed Mike's perspective on this very important topic. What are your thoughts on this topic? We'd love to hear your perspective.