1. YOUR SUPPLY CHAIN:
KEEP IT SECRET,
KEEP IT SAFE
Moving Towards Trusted Trade
Who Do You Trust? Anyone?
You got up that morning, tore open the plastic wrapping surrounding your newly issued uniform,
carefully ironed out the new uniform creases, put it on, still warm, paused for a few head turns in
front of the mirror, and headed off to work, proud of your new look. Mere hours later you, and your
co-workers in their new uniforms, were covered in a body rash and gasping for breath, victims of
the hazardous formaldehyde in your uniform.
That’s what happened to energy company workers in Australia in 2007 when they received new
uniforms. The uniforms came from their normally reliable supplier—an Australian clothier whose
products were made by their business partner overseas. What the Australian importer didn’t know
was that the clothing company had outsourced some of their work to a third party who used
formaldehyde in the production of the uniforms.
YOUR SUPPLY CHAIN WHITE PAPER 1
2. Moving Towards Trusted Trade
That same year a women’s wear company based in the U.S. similarly sold undergarments laced
with formaldehyde. Almost every week we learn of product recalls associated with lead, cadmium,
melamine, antifreeze and other hazardous materials being included in food, hygiene, toy and other
products sold in the United States.
Are these just random instances where foreign corporations are being irresponsible because they
can make more money using cheaper substitute materials? That seems to be the consensus. But
what if at least some of these are calculated attempts to judge what and how products are tested
and verified when they enter the U.S.? Perhaps some of these events are much more nefarious than
we think. The equivalent in the IT sector would be inclusion of malicious code in shipped software
or hardware that could compromise either corporate or national defenses.
Do you know where your products come from? Who handled them? Who provided the raw
materials and the components? Who knows that you ordered them and exactly what you are
expecting in that order—and where it is shipping to? Today, you and your organization may be
the last to know the answers to these questions. Not knowing is dangerous. Just ask the energy
workers in Australia.
YOUR SUPPLY CHAIN WHITE PAPER 2
3. Moving Towards Trusted Trade
Insecurity in the Supply Chain
The elongation of supply chains in recent years has made them brittle (see graphic). The farther
away from the buyer, the less is known about the product, who is involved in making it, and what
really goes into it. For some products, Gandalf’s advice to Frodo regarding the One Ring, “Keep
it secret, keep it safe1” is a necessity—but how can you hope to keep the product safe when you
don’t know who manufactured the product, what the product is made out of, or where the product
is? Supply chains were once about a buying organization purchasing a product made by one
company—often a conglomerate that provided everything contained in the product.
The advent of specialization allowed for cheaper manufacturing but introduced the need for
multiple companies to work together to produce the various parts that go into a product along
with someone to assemble it. Now there are very complex relationships among manufacturers,
the companies they outsource to and all the companies that provide each of them with the raw
materials and components they use. What once was a single link truly has become a multi-link
supply chain with spider web-like relationships among the players.
Brittle Supply Chains: Easily Broken, Difficult to Repair
Corporate leaders have found that managing hundreds of foreign suppliers and, in turn, their
suppliers, has proven to be difficult and has led to “brittle” supply chains. The challenges for
government regulators, corporations and U.S. consumers include:
Distance
Differing laws within all countries involved in the supply chain
Foreign political uncertainty
Unreliability of foreign IT infrastructures (rolling power outages in China, for example)
Unreliability of foreign physical infrastructure (trucks, trains, ships, ports, etc.)
Lack of security throughout the various suppliers, carriers and ports
Goals of banks and factoring agents not in alignment with U.S. national nor
consumer interests
Vulnerability of ships at sea (to terrorists, pirates, etc.)
North American goods increasingly coming through Mexican ports instead of U.S. ports
Potential drug cartel involvement
Further reduction in control over goods headed to U.S.
It is hard to find a reliable replacement when a supplier is lost
1
J.R.R. Tolkien’s The Lord of the Rings: The Fellowship of the Ring
YOUR SUPPLY CHAIN WHITE PAPER 3
4. Moving Towards Trusted Trade
Today, it is not enough to know that you ordered something and it is supposed to be shipped in
15 days. You need to know more and you need to know it quickly as your organizational situation
can change at a moment’s notice. Unfortunately, the IT infrastructure necessary to keep a watchful
eye on these complex supply chains has yet not been put in place. Most supply chain management
systems only see into the first link of the chain—and leave buyers blind to their vendor’s suppliers.
This, despite the fact that federal agencies like the Consumer Product Safety Commission (CPSC)
have the authority to demand deep supply chain insight from any retailer or supplier if a consumer-
oriented product is found to have hazardous material in it.
Better accuracy and visibility to events and data in the supply chain are critical components of
developing and maintaining trust in trade. Tools exist today that can enable a more complete and
timely view of supply chain information. Unfortunately, most organizations haven’t deployed them.
Consequently, orders are rarely delivered “perfectly2” and the accuracy of supply chain information
is constantly being questioned. Today, most companies seem to prefer to pay the penalties for
inaccuracy (including fines, increased insurance premiums, and lawsuits associated with hazardous
products) rather than try to coordinate and understand their supply chains better.
1
The high-tech industry, for example, considers an order “perfect” if it meets these criteria:
Delivered On Time
Delivered to the Right Location
Delivered Complete
The Product is Damage-free
Product functions as expected
YOUR SUPPLY CHAIN WHITE PAPER 4
5. Moving Towards Trusted Trade
National Security Perspective
For the sake of national security—both from the homeland security and a military perspective—
this “pay the fine” mentality needs to stop. The CPSC initiative to gather a chain of custody
information on products deemed hazardous should be one of the drivers towards a more trusted
supply chain. DoD also needs to ensure all items it purchases are delivered “perfectly,” and this
should be a second driver. Higher insurance costs for insecure supply chains should be a third.
And higher government fines for importing hazardous products should be a fourth. Interestingly,
better information actually leads to better supply chain performance, so companies deploying and
utilizing such systems will likely see improvements in stakeholder equity as well3.
If we can get more consistently accurate and reliable information, and get it delivered when and
where we need it, all our supply chains will function more efficiently and we will lower the risks
associated with global trade. Ironically, as we do that—as we get our supply chain information
more accurate and our visibility more insightful—we introduce a Perfection Paradox: the greater
the accuracy of information in the supply chain, the more we make that supply chain an enticingly
accurate threat vector for those with malicious intent.
Still, we cannot continue to perform inefficiently. Rather, we must embrace the Perfection Paradox
and improve the visibility into our supply chains while concurrently improving the IT infrastructure
that controls access to supply chain information so we can ensure not just a “perfect order” but a
“trusted order.”
3
The AMR Research (now part of the Gartner Group) Supply Chain Top 25 is released every year. This list represents the
global companies with the best performing supply chains. Every year the companies on this list—on average—significantly
outperform the rest of the stock market.
YOUR SUPPLY CHAIN WHITE PAPER 5
6. Moving Towards Trusted Trade
Supply Chain Insight
To achieve the perfect order, we must provide more meaningful insight into our supply chains.
To do this we need some tools and processes. These include:
INFORMATION AUTOMATION: Information about products should be synchronized utilizing
proprietary commercial catalogs or industry standard synchronization engines—like that provided
by the GS1 organizations. This makes sure that product information, upon which trade is based,
is consistent and the same across actors in the supply chain. Multiple industries acknowledge that
bad data is one of their top two or three issues. This solves that problem.
DOCUMENT AUTOMATION: The messages of trade (design diagrams, contracts, purchase orders,
invoices, electronic funds transfers, shipping notices, shipping status updates and more) need to be
automated. Every step of the process needs to be automated so that keying and re-keying errors
are eliminated and everyone is utilizing the same information. This also increases the speed of
transacting business and provides an easily audited transaction history.
TRANSACTION VISIBILITY: The movement of these automated documents is valuable not just
from a historical perspective. In fact, there is more value in knowing—in real time—the status of a
transaction. Implementation of transaction visibility tools will let appropriate parties know the status
of any order at any step of the process and make it easier to change when necessary.
LOGISTICS VISIBILITY: Similar to transaction visibility, logistics visibility provides real-time insight
into the actual movement of goods through the shipment process. A limited set of tools are
available for small package delivery from UPS and FedEx, but much more robust solutions are
available and should be deployed. These provide information on when a shipment leaves the
factory, what carrier it is on, where the carrier is at any given time, and—when paired with sensor
technologies—important information about the container the product is in. Sensor technologies
can relay container status such as temperature, humidity, whether the container has been opened,
and more.
Deploying these technologies will enable greater accuracy between buyers and sellers. Deploying
them across multiple tiers of the supply chain—for instance between the seller and its suppliers
as well—allows for visibility stretching the entire length and breadth of a transaction. Such
information—spread across the entire supply chain and made available to all appropriate actors—
will help set and meet expectations and, certainly, foster greater trust.
YOUR SUPPLY CHAIN WHITE PAPER 6
7. Moving Towards Trusted Trade
Trusted Trade
However, the very nature of increasing accuracy and better setting and meeting expectations will
make all that supply chain information much more valuable to outsiders as well. Whether corporate
spies, terrorists or others harboring ill-will, the information in a more perfect order becomes more
vulnerable. Bad data is less desirable—and less useful—than good information. This means we
need to deploy a means of reducing the risk that good information brings with it. And that means
turning perfect orders into trusted orders.
Applying Trusted Computing technologies for device integrity, data protection, network
authentication, and secure domain separation can go a long way towards addressing the
Perfection Paradox by improving the security of the information supply chain. Trusted Computing
technologies ensure that the computers we use, the networks they connect to, and the disk
drives we store supply chain data on are free from malware and worthy of our trust. The end
result is assurance that our supply chain information is not only accurate and available, but it is
also safe. We can then answer Gandalf’s return visit question to Frodo “Is it secret, is it safe?”
in the affirmative.
YOUR SUPPLY CHAIN WHITE PAPER 7
