IT is intrinsically involved with every aspect of business. It would be difficult to imagine IT not being directly involved with updating systems, evaluating new systems, or applying new security features to secure communication channels.
One aspect of supply chain management intersecting with IT that has had a rather distinct, significant impact involves process flow. In years past paperwork had to be physically handled in the process flow. There would need to be a hard-copy invoice, purchase order, or authorization to transfer product.
The simple act of manipulating a piece of paper may take a substantial amount of time. With paperwork requiring one signature, the time delay due to processing would not be a fantastic amount of time. The lag time for processing may only be a few minutes to handle the fax, sign or complete whatever task for the paperwork, and wait to use the fax machine. The process used to be more complex when more than one person had to sign off on the paperwork due to scheduling, and other factors.
The advancing technologies has certainly streamlined this process. Beginning years ago, users with documents were able to scan and digitize the documents. Once this was done, the document would be sent to the end user that required the document. If there were to be multiple people that were required to view the document, this likewise could be accomplished in a fraction of the time in comparison to the other.
Although this is clearly a benefit to the process, for the organization, the users, and created a more efficient method of communication. There is however another aspect to take into consideration. The document has been digitized and would be sent via the internet to the other party (parties). The documents may have sensitive or confidential data or information, including intellectual property. If the document is not encrypted adequately or sent in an insecure method, any benefit achieved by the digitizing of the document would be erased for years of cost savings. This would be due to the loss of the data and the potential harm done from the document being compromised. These costs, financial and operational, may be short- and long-term in nature.
To be in the best position, the organization would need to address the security with this. There are several methods to accomplish this task across the unique formats. This includes encrypting the document, using secure communication channels (e.g. HTTPS, TLS 1.2, etc.). On this front, not all security is the same. As an example there are differing levels of encryption. A portion of these, while a valid form of encryption, are too weak to be used. This is likewise application to the communication channels. Granted, technically TLS 1.0 is a form of a secure communication channel, it is by far too out of date and not secure anymore, being replaced by TLS 1.1, and later by TLS 1.2.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!