Government looks to defend supply chains from attacks


government supply chain defensePart of any supply chain management strategy should be features to protect the information being transferred between each component of the business entity. As the number of data breaches continues to rise and the cost of information loss or corruption is also growing, CIOs are realizing the value of supply chain protection services and are working with IT providers to secure information and maintain supply chain growth in the short and long term.

U.S. Department of Homeland Security has created the 2013 National Defense Authorization Act to prevent data breaches in government supply chains across the country through improvements to supply chain management software designs. Software developers and IT contractors must meet increased requirements when creating codes and defining solution integrity levels to help maintain national security and improve supply chain performance. The government will implement regular assessment of supply chain management best practices to ensure all technology and IT services are meeting the required standards and are not riddled with common flaws that leave precious data vulnerable to attacks.

Make data protection a priority
According to the source, the Department of Defense is launching a software assurance directive that requires IT professionals to use automated vulnerability analysis tools to double-check the security and integrity of software coding throughout the supply chain lifecycle. Data protection efforts will encompass all aspects of the supply chain, preventing even the most sophisticated hackers from penetrating into business networks.

Beefing up a supply chain's digital protection scheme with enhanced encryption tools, more advanced password strategies and additional monitoring and securities surrounding mobile devices could help. The more security surrounding supply chain operations, file-sharing and communication channels, the more efficiently companies can adapt to market changes without data breach disruptions or complications. When digital information is threatened, lost or corrupted, supply chains experience significant setbacks that can lower profits, increase expenses and tarnish a reputation with peers and clients.

A whitepaper from VeriSign outlined the major challenges security frameworks must address through strong supply chain management practices, including:

  • Authentication: Verifying the user tapping into information on a network is who they say they are.  When dealing with other companies and branches in a supply chain, companies must identify and authenticate partners on both the sender and receiver ends for optimal security. Some companies use passwords, biometric technology or other solutions to create a barrier for unauthorized users.
  • Data protection: Ensuring information cannot be intercepted or modified by unauthorized parties. There are two levels of data protection: confidentiality and integrity. Data confidentiality is enabled through transport protocol layers that keep information safe throughout the transit from sender to recipient. Data integrity technology ensures the information transmitted has not been altered since leaving the verified source.
  • Access control: Guarantees security-sensitive tasks are performed by authenticated users with permission.  Access control has four major functions including using credentials to determine the identity of users performing an operation on a network, and consulting identity management services to define the roles of all users. Access control also determines the sensitivity of an operation, and evaluates authorization rules to determine user credentials, roles and authorized activities.

Through these stages and barriers, supply chains can be secured and company operations can remain efficient and free from disruption, corruption, loss or error.

Are you defended?