Owing to the GDPR, data breaches can end up being quite expensive—something the UK airline is now discovering for itself[1]. Risks inherent in supply chain management

The primary goal of supply chain management is optimizing all processes along the entire supply and value chain. Ideally, suitable interfaces are available to the partners for this purpose; in addition, there is a high level of trust between the companies involved, allowing suppliers and customers to learn about problems in their own supply chains, for instance.

Even so, disruptions occur time and again. Apart from those that may arise in the value chain itself, such as short-term delivery bottlenecks or production stoppages[3], these are mostly data protection incidents.

This is because suppliers must be able to access a company’s data and frequently also share additional information with employees, which broadens the scope for hackers and cyber criminals to attack. Another risk is that internal attackers—staff or administrators, for example—may gain unauthorized access to confidential information and steal, damage or manipulate it.

How does secure supply chain management work?

To minimize risks and avoid costly data breaches from the outset, companies should secure their supply chain—in the same way as all data processing systems must be adequately protected. This goes not just for the software, but especially for the underlying infrastructure.

Whether companies and suppliers use third-party cloud offerings or their own server infrastructures is irrelevant—the vulnerabilities are generally the same. Operators often rely on a combination of “technical and organizational measures”[4] to protect data from attack and loss. However, there is always a risk that the organizational measures could be circumvented and that employees of the operator or administrators could gain unauthorized access to sensitive data.

Sealed Platform: security through sealing?

The good news is that there is a safer approach! Sealed infrastructures like Uniscon’s Sealed Platform provide greater protection than conventional clouds and server systems. Instead of combining technical and organizational measures, the Munich-based TÜV SÜD subsidiary relies on a set of purely technical protective measures. They are almost impossible to circumvent even with considerable effort—not even by the server operator or administrators.

This is achieved, for one thing, with cages protected by sensors, a hardened operating system, and interfaces with special filters. An elaborate sealing process with independent checkpoints ultimately safeguards the integrity of the servers and, in turn, the integrity of the data stored and processed on these.

Uniscon’s ultra-secure cloud platform ensures that secure software is not compromised by gaps in the infrastructure. Thus, supply chain management applications can be secured to such an extent that unauthorized data access is virtually impossible, allowing companies to avoid big penalties like the one imposed on British Airways.

[1] https://www.bbc.com/news/business-48905907

[2] https://www.forbes.com/sites/kateoflahertyuk/2019/04/16/breaking-down-the-wipro-breach-and-what-it-means-for-supply-chain-security/#442914205259

[3] https://www.riskmethods.net/media/Content/Whitepapers/bme-lieferkette-so-mindern-sie-risiken.pdf (German only)

[4] https://gdpr-info.eu/art-32-gdpr/