Information overload

by Dave Luton

It’s been said that companies in the supply chain can use three things to break down the silos that traditionally separated their differing functions: transparency, time and trust.

The first of the three, transparency, is a tricky thing to foster. And it’s getting trickier. Over the past few decades, many companies have worked to create systems and processes that allow them to share information on basic business activities—such as the status of shipments—without tipping their hands too much about sensitive business objectives.

Historically, the flow of information between parties in a supply chain was limited to whatever was crucial for carrying out an effective and efficient transition of shipments from supplier to customer. That included things like purchase orders and basic in-transit information.

That is changing. Now 3PLs and other supply chain service providers are asking shippers to divulge deeper strategic data in an effort to optimize service.

There are several reasons behind the drive for more data. Much of it has to do with mitigating risk. Offshore sourcing, smaller supplier bases, inventory reductions and volatile demand have greatly increased the risks involved in supply chains. This ups the possibility of disruptions. By increasing the transparency of information within the supply chain, potential issues can be collectively managed on a collaborative basis or avoided altogether. This results in better performance.

So shipments today carry far more information than those of the past. If the multiple parties involved are to conduct operations in an efficient way, transparency of information and smooth data flows are crucial.

Technology supports

One reason companies are able to share data more securely is that the technology used to exhange information has improved immeasurably.

Once upon a time, before internet use became widespread, companies relied on electronic data interchange (EDI) transmissions to share data with their trading partners. They often did this using a modem with a value-added network (VAN) hosted service as an intermediary.

The rise of the web resulted in the development of internet-friendly data-sharing tools, which made EDI much faster and easier to do.

Today, many companies are pushing things further by using cloud computing. This pay-as-you-go model removes the obligation for companies to invest in built-in software, making it easier for them to update capabilities as required. It also allows all parties to access a centralized hub of information with little more than an internet connection and a password.

One of the many promising things about this technology is that it creates the potential for pre-shipment data-sharing among multiple participants in the supply chain. For example, on the demand side, a retailer could share sales data with vendors, 3PLs and carriers in real-time as it occurs. And on the supply side, a shipper could share its inventory levels with customers.

The risks

Ironically, while data-sharing is intended to reduce supply chain risks, sharing more data can expose companies to unwanted consequences.

The main risk is of an unauthorized access caused by a security breach. A common commercial information breach is the disclosure of proprietary company information to competitors and/or the public at large.

This can include sensitive customer information, supplier data or internal intellectual property.

A related problem is the misuse of financial information to facilitate fraud. If someone from a competing firm gains unauthorized access, he or she could delete or alter data relating to orders, pricing or products.

It’s important to note how such data thiefs get as far as they do.

Often, they will hunt down passwords using “sniffer” or “cracker” software—one of the simplest and most common methods of attacks. Many will also engage in spoofing attacks by forging the “from” address so that a message appears to have come from a colleague, co-worker or another trusted source. Most people don’t think twice before sending information—possibly confidential—right back.

One of the problems in sharing information is that data security is often only as strong as its weakest link; all it takes is one mistake email to give someone access to an entire network of information. From here, he or she can modify order, shipment or billing information to his or her own benefit.

In today’s ethics-driven business environment, it may seem unlikely that a competitor would resort to such measures, but it does happen.

It is therefore essential to carefully plan and implement the necessary security measures to protect points of communication and to ensure that key information is not compromised. Needless to say, it is important to have a good firewall around confidential data and experienced staff on hand to maintain it properly.

If you can protect yourself, you’ll be able to share information effectively. That will put you one step closer to a truly collaborative supply chain.

Dave Luton (dluton@cogeco.ca) is a consultant in the greater Toronto area.