New announcement. Learn more

Contact Us
All
Contract managementAgiloftEducationCLMPains of Contract Management10 Pains of Customer Data ManagementCRMEducationalAIArtificial intelligenceContract lifecycle managementGartnerComplianceCovid-19LegalAI technologyAutomationConsumersContractsCustomer Relationship ManagementInvestmentOnline shoppingSaaSamSalesSecurityCLM systemsCollaborationContract lifecycleCovidDigitalE-commerceGlobee AwardsHeather McEwenLeaderMagic QuadrantNo-codeRiskRocketsparkSafetyScalabilityShopifySupportWomenWomen in businessWorking from home10 years2019 Agiloft Summit202120222024AccessibilityAdobe SignAgiloft AIAgiloft partnerAgiloft Summer ReleaseAgiloft SummitAI contract generationAI contract negotiationAI CoreAI machine learningAI risk scoringAlexaAndy WishartARAssessmentAudit ReadyAugmented realityAutomate pricing negotiationsAutomated AlertsAutomated contract creationAutomaticAvocadosAwardsBeginnerBetter contact managementBIG Innovation AwardsBrandingBringing pet to workBusiness analysisBusiness systemBusinessesCapitalChange managementChannel expertiseChristmasClauseCLM GuideCLM PitfallsCLM PreperationCLM ReadyCLM SuccessCLM ValueCLM-ReadyClosureColin EarlConfigerable no-code platformContractContract creationContract lifestyleContract Management SoftwareContract NegotiationContract repositoryContract templatesCorporate rolesCost fallacyCost SavingsCritical CapabilitiesCRNCurrenciesCustomer DataCustomer SatisfactionCybercrimeCybersecurityDataData sharingDesignDigital business cardsDigital JournalDogEcommerceEfficient contract managementElectronics recyclingEmployee firstEnterpriseEnterprise AIEnvironmental footprintEnvironmental sustainabilityEnvironmentally sustainable officeEric LaughlinErin LaughlinEvaluationExecutive managementFemale business ownersFemale-led startupsFlexibilityFlexible work policyFlintFuture PlanningFuture PlansFuture-ProofingGDPRGlobal ecommerceHealthy workplaceHolidaysHumansImplementationIncreased productivityInfluence in pacific regionInfrastructure LibraryIntegrationIntroductionIT companyLarge-scale integrated implementationsLas VegasLead ManagementLegal TechLoss of key personnelMachine learningMandalay Bay HotelManualMarketing CampaignsMarketScapeMetadataMicrosoftMicrosoft TeamsMinor development precipitates a crisisNatural language processingNavigationNegotiationNew contract managementNZ AvocadoOnlineOpen work environmentPetsPets in the officePets in workplacePlanningPlatformPlatinum Agiloft partnerPositive work environmentPredictionsProcurementProduct roadmapProgrsmmingProject managementRecyclable coffee podsRelease 25RetailRevenue OptimisationRic LaughlinRobotic processesSaaSSalesforceSearchSearch engine optimisationSEOService deskShoppingShut downSiloedSilosSingle-situation custom development projectsSolutionsSpike in ordersSpike in salesStrategyStreamlined operationsStrengthsSuppliersSupplySupply chain managementSupply managerTarget marketTech predictionsTechnologyTemplatesThe critical point in an evolving situationThe Pains of Contract ManagementTop threeUnsustainable modelUser interfaceVaccineVendorsVisibilityVoice activated technologyWACNZ2023WeaknessesWebsiteWebsite developmentWhat is CLMWinter releaseWomen entrepreuneursWomen of Channel awardWork from homeWork to liveWorkflow automation
TAGS

The challenges, rewards and tensions of sharing data with suppliers

Originally published on capsresearch.org

Supply managers face a daunting challenge when it comes to data. Sharing data with suppliers can improve efficiency, flexibility, quality, and new product development. But there are risks to intellectual property, corporate, and personal information, as well as regulatory and legal concerns, and attacks that could severely impair the organisation. 

Given the benefits, supply managers face pressure to share increasingly sensitive data but face challenges in securing systems and preventing breaches.

The new CAPS Research report Digital Connectivity and Data Protection in Supply Management examines risks, challenges, and best practices for sharing and protecting data.

Today, buyers and suppliers are more connected than ever. Organisations benefit from sharing data with suppliers to improve efficiency, flexibility, quality, and new product development. But those connections carry risks as well.

Though high-profile breaches of personally identifiable information (PII) have been made public, there have been relatively few reports of operational data breaches. This could mean protection plans are effective or it could indicate that companies aren’t aware they have been breached or are reluctant to go public unless legally required.

Organisations face an array of risks in managing relationships with suppliers and multiple tiers of suppliers. The growing use of connected devices, outsourced suppliers, and international supply chains elevate the challenge.

Factors that complicate data sharing

Attackers often look for weak links among smaller companies without sophisticated technology or security partners. That means your supply chain partners are on the front lines of protecting your organization's data. Here are a challenges companies encounter when sharing data:

  • Technological differences: Not all parties use the latest protection standards, technology, and policies.
  • Procedural differences: If they exist at all, policies and procedures can lead to confusion and gaps in protecting data.
  • Employee training: Suppliers may not have adequate employee training in managing and handling confidential information, reporting breaches and incidents, and overall cybersecurity threats and intrusion strategies that lead to vulnerabilities.
  • Monitoring: It's difficult to track data use and distribution at supplier locations, especially if that information is further dispersed into the sub-tiers of the supply base. Assessing supplier policies, procedures, and governance is critical, as well as, ensuring supplier management practices validate data protection & governance procedures are adequate.
  • Communications: While under investigation, information about attacks and breaches may be delayed or, in case of a loss, heavily filtered.
  • Legal liability: Establishing and enforcing liability is difficult, even when covered in contracts. It's even tougher with international relationships.

Tensions in security

Organisations face tradeoffs in managing security and business requirements.

  • Protection vs. Speed: Assessing and validating data protection requirements slow supplier selection, qualification, and onboarding.
  • Protection vs. Cost: Requirements may eliminate low-cost provider options.
  • Protection vs. Agility: Supplier base could be limited to only sophisticated suppliers that can meet requirements.

There's an overlap between internal data security and external security in relationships with suppliers. Both aspects are built on technology, people, and processes. As part of the supplier due diligence and evaluation process, organisations should examine suppliers’ capabilities in managing the risks inherent in sharing data.

Although it may not be possible to eliminate performance tradeoffs, understanding the gaps and looking for alignment between the organisations in the risk areas will help guide the process. The tensions mentioned will be a part of that process, as business priorities compete with security considerations.

After considering risks and relationships, it's helpful to look at best-in-class organisations that are effectively addressing these issues.




SaaSam Group Logo
Cyber Essentials + Crown Commercial Service Provider logos
Contact Us

Governance & Policies

Privacy Policy

Sustainability Policy

Modern Slavery Statement

SaaSam Group Limited | United Kingdom | Australia | New Zealand | Ireland | United States

Copyright © 2024 - Privacy Policy - dashboard
POWERED BY ROCKETSPARK