Look After Your Data: Keep It Secret, Keep It Safe

By Procurious

January 04, 2017 at 10:54 AM

At ProcureCon IT in Amsterdam in 2016, Procurious Founder Tania Seary picked the brains of Kaushik Yathindra, Manager, Procurement Analytics, HSBC and Florian Schroeder, Head of IS Commodity & Contract Management, Bombardier Transportation to learn more about how to implement data security, the end of Safe Harbour, and the effects of Internet of Things (IoT). Here are notes from the discussion: 

Where to Start?

Why is data security so important? As Florian Schroeder pointed out, you wouldn’t leave your most valuable possessions at the front door, you’d hide them away somewhere secretive. We should consider our data in the same way and not leave it exposed to hackers.

Data security is one of the fastest growing areas of IT spend. An estimated $1 trillion is going to be spent globally between 2017 and 2021. But how do you make sure your money is well spent, and your information secure?

Whilst data protection is a huge concern for organisations, it can be difficult to know where to start, particularly given the multiple types of data security on offer. Here are a few points to consider:  

  • To ensure the security of both your and your suppliers’ data, it’s first important to understand the roles of everyone concerned. How will your procurement, legal, compliance and IT teams collaborate to ensure that contracts fulfill the level of service required in your organisation? 
  • Consider data security in all of your organisation’s decision making whether it be Sales, Accounting or IT.
  • Take what you need and nothing more. There’s no point in collecting useless or excess information. The more you have, the more that can get stolen. Likewise, only store information as long as your organisation has a need for it. And when you do dispose of it, do it securely!
  • Ensure your service providers have adequate security measures in place. And don’t just take their word for it – get it in writing!
  • Use complex passwords. Make sure they’re stored securely, and keep the most sensitive information secure throughout its lifecycle by encrypting data when it is transferred.

As both panelists reminded us, you can never ensure 100% security while there are hackers looking for it!

The End of Safe Harbour

Changing privacy regulations can make choosing where to store your data a complex process, particularly for global organisations.

In the EU, for example, privacy laws forbid any citizen’s data to be moved outside of the EU unless transferred somewhere with adequate privacy protections.

Safe Harbour was an agreement between the EU and the U.S. in which the U.S. government promised to protect the information of EU citizens if transferred to the U.S. by American businesses. 

This has been an extremely convenient agreement for companies such as Facebook. These companies were, up until now, able to store all of their EU data in U.S. centres.

Last month, however, the European court of justice ruled the agreement invalid. This will mean a lot of paperwork and red tape for U.S. businesses trying to move information out of the EU.

Perhaps the future is in establishing EU-based centres to handle data for EU citizens? Google, Facebook and Apple are already leading the way on this.

And it’s not just the end of Safe Harbour that will shake up Data Protection policies. The General Data Protection Regulation (GDPR) framework was formally adopted by European parliament in April this year to be implemented by May 2018.

If the UK has completed Brexit negotiations by this stage, they will face pressure to adhere to the GDPR framework in order to continue trade within the single market.

Digitisation and the Rise of the Internet of Things

Kaushik explained how banks are moving towards complete digitisation in order to accommodate the next generation of customer who expect to be able to do everything online. Whilst this is great in terms of customer convenience, it presents additional data security challenges.

The worldwide Internet of Things market is predicted to grow to $1.7 trillion by 2020. More than half of major new business processes and systems will incorporate some IoT elements. It won’t be long until every aspect of our daily lives is connected. We’ll have smart bridges, smart cars, smart houses, smart vending machines…we could go on!

Of course, with great tech developments comes greater data protection challenges. The Internet of things adds a significant threat layer in which physical devices can now be hacked, have their information stolen, and even be remotely controlled.

There are a number of ways that organisations can manage data security relating to the Internet of Things. These include:

  • Encrypting sensitive data as close to where it’s generated as possible, rendering it useless to attackers in the event of a breach.
  • Only sharing information on a need-to-know basis.
  • Applying end-to-end encryption to ensure that sensitive information captured by IoT devices is protected throughout its lifecycle. 
  • Procurement teams can help move the market towards a world where security becomes a part of IoT products. 

In the words of Gandalf, when it comes to protecting data, keep it secret keep it safe.



Tags: purchasing MRO indirect Risk management Supply chain management Procurement Technology sourcing IT
Category: News Article

Procurious

user_avatar

Procurious is an online business community dedicated to procurement and supply chain professionals. It’s a hub to advance your career, develop your skills and expand your global professional network. With 17,000+ members across the globe, Procurious aims to empower procurement leaders to connect, collaborate and take a more innovative professional outlook. Think of Procurious as a professional network, news and knowledge hub, learning and career center, all in one place. Join at www.procurious.com.


Please add a comment

You must be logged in to leave a reply. Login »


Related Content

Fleet Management: What are the Program Options?

Source One Management Services

Attention, fleet managers: Have you ever spent an entire week tracking down personal mileage from your drivers to calculate employee fringe benefits? Do you have any high risk drivers and would like to understand their driving patterns? Do you dread … Read More

Emotional Intelligence in Negotiations

Tom DePaoli

Purchasing and supply chain professionals must be aware of and strive to improve their emotional intelligence. A definition of emotional intelligence is the capacity to be aware of, control and express one's emotions and to handle interpersonal rela… Read More

Talent Management: Why Professional Development is So Important to Procurement

Guest Editor

Do we need to wait until technologies and automation address operational needs to free up the time for (paraphrasing Kraljic) Purchasing to become Procurement? The answer is “no.” Good Procurement – efficient and effective – for the foreseeable futur… Read More


Supplier Profiles

Staples

Staples Advantage is the one supplier that offers all the business solutions you need, all with the expertise of a specialty vendor. Read More

Digi-Key

It started in 1972 with an idea, a new concept in distribution. Today, Digi-Key Corporation is one of the fastest-growing electronic component distributors in the World. The stimulus for this growth is Digi-Key's customer-centered business philosophy… Read More

Lunney Advisory Group

Lunney Advisory Group was founded in 2007. Our firm is not your typical consulting company. Some members of our firm are highly qualified and experienced industry executives/practitioners while others are full time or adjunct university professors.… Read More


Webcasts

What CEOs Expect Of Purchasing

Guest Contributor

Procurement and supply management leaders have a seat at the table, and management’s expectations are high. But what do CEOs really want, and is purchasing delivering on these expectations? This webcast looks at how procurement and supply management … Read More

Growing Purchasing Influence On Indirect Spending

Guest Contributor

At world-class companies, purchasing’s influence touches just about every area of spending. But, how exactly do procurement teams get to the point where other departments approach them for help with sourcing such indirect categories as human resource… Read More

Procurement-Finance Collaboration

Guest Contributor

Procurement & finance are two business functions which are often at loggerheads with each other. One reason for this is the lack of perception alignment on an important metric of procurement and finance performance - 'savings'. Read More