ITMPI FLAT 005
Main Menu
Home / Uncategorized / Digital Supply Chain (In)Security

Digital Supply Chain (In)Security

Dave Lewis writes for Forbes about what he feels is a lack of attention on the important topic of digital supply chain security. A reliance on IT outsourcing for the help desk, code development, and expansion of partner networks means that information has to be protected just that much more thoroughly as it is passed along or even stored by third-parties.

Firewall for All

Lewis describes one incident in which security was not up to snuff:

At one organization that I worked for I went trawling through the tickets for passwords, configs and SNMP strings. What I found was very troubling. The worrisome aspect was that all of this information was stored in the databases of a third party that was located overseas. The transport was over HTTP and I had no idea as to the state of the database or if any record contained within it was encrypted.

The CIO had foregone proper security in the pursuit of getting the project up and moving. Gartner believes that IT supply chain security will be a top-3 security-related concern by 2017, but Lewis argues that time has already arrived. He has another example of a US-based firm that outsourced code development to a Russian firm, but the US firm did not have proper security in place and the Russians had access to encryption in a product set being developed. If you want to think about more ways you need to stay vigilant, you can read Lewis’s full article here: http://www.forbes.com/sites/davelewis/2014/07/28/digital-supply-chain-insecurity/

About John Friscia

John Friscia is the Editor of Computer Aid's Accelerating IT Success. He began working for Computer Aid, Inc. in 2013 and continues to provide graphic design support for AITS. He graduated summa cum laude from Shippensburg University with a B.A. in English.

Check Also

The Seven Activities of Project Closeout

People go crazy when a TV show like Firefly or Agent Carter gets canceled, because …

Leave a Reply

Your email address will not be published. Required fields are marked *