Feeds

When information sharing goes wrong

Trust in the supply chain

High performance access to file storage

Workshop One of the most troubling phone calls I have ever received was from the irate managing director of an IT reseller. I was working as a channel manager for a major software company at the time and the complaint was that we had a leak.

Extreme carelessness

After a bit of investigation, we figured out what had happened. A few days before, I had had a sales review with my boss and had written a list of potential deals on his whiteboard. He subsequently had my reseller’s competitor in his office for a meeting and had not cleaned the whiteboard. During the meeting, the second partner had obviously made a note of everything on the board, then proceeded to poach the prospect list.

"when markets are tight and margins are thin, many people will take advantage of every edge they can get"

This may be an extreme case of carelessness and dodgy ethics, but it does serve to illustrate that some of the romantic notions we have about the free sharing of information with trading partners can come across as a bit naive.

Business is business and when push comes to shove, especially when markets are tight and margins are thin, many people will take advantage of every edge they can get. We might pride ourselves on our ability to cultivate trusted relationships but information can easily be abused in ways it’s often hard to anticipate.

Appreciating the dangers of business-to-business knowledge sharing is becoming increasingly important. The advantages of more open communication and exchange of data between trading partners are clear.

In a supply-chain context, for example, there are benefits to sharing forecasting or other information with key suppliers. If they know what you are likely to be asking for, they can be better prepared to deliver it promptly when orders are placed.

Rush, rush, rush

Conversely, persuading suppliers to give you access to inventory, capacity and other fulfillment-related information can help with your own planning processes. As an example, knowing in advance whether your suppliers can do their bit when a customer wants a rush order can make the difference between an immediate deal and losing the order.

The same principles apply further into the process. An open exchange of information with your sales channel can help you forecast and plan efficiently. Later, collaborative selling can boost the collective sales effort.

All such exchanges are becoming easier as technology advances. Creating extranets based on customer, partner or supplier portals is much simpler than it used to be. Indeed, packaged applications can help to open up your systems to trading partners. Content management systems also often cater for outside access, and some licensing models even allow for user accounts to be recycled to deal with transient third-party access.

Together with continuous improvements in communication – from email through instant messaging to web conferencing – and the emergence of technology that allows direct transactions between systems, some might argue that the exchange of information has actually become too easy.

The question is whether an understanding of the risks, and of the safeguards necessary to protect against them, are keeping up with developments.

Dangerous people

Four key areas are important to consider here: the security of systems and information; the legal framework within which sharing takes place; the enforcement of security and compliance policies; and staff awareness and training.

In other words, you need robust control, explicit contract terms governing what can be done with shared data, good procedures and a responsible workforce.

On this last point, the share-by-default culture that has grown up around social media is one of the dangers to look out for, as it has a tendency to bleed from the personal to the professional. It is a real problem in business, where as we have seen information can represent tangible value.

So, while integration of information flows is getting easier and can have significant advantages, it is critical to cater for the associated risks, particularly the people-related ones.

Be clear about what you want to share, with whom, and under what circumstances, then put in place the processes and safeguards. ®

High performance access to file storage

More from The Register

next story
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.