Daily Archives: December 15, 2010

The Three Best Habits of Highly Successful SME Supply Chains

A recent article in Canadian Manufacturing on “the seven habits of highly successful SME supply chains” had three great habits that all supply chains should follow:

  • Long-Term Approach
    As the article points out, identifying overseas export markets and establishing supply chain partners in those markets can be a time-consuming and costly endeavour. As a result, it’s important to take a long term view when identifying overseas markets and selecting supply chain partners in those markets as you won’t be able to make a quick change if you make a mistake.
  • Inventory Intelligence
    In a downturn, it’s easy to get stuck with excess inventory that will have to be sold at a loss, if you’re lucky, or written off entirely, if you’re not. Also, in an upturn, it’s easy to sell-out and lose sales to a competitor with a similar product. In both cases, poor inventory management can cost your company a lot of money. Inventory needs to be based on real demand, which comes from demand signals. That’s why you need to take the leap of faith and tie into retailer PoS systems for current demand signals.
  • Cultural Cleverness
    It’s not just SMEs in Canada who have been vexed by unanticipated strains in relations and delays due to miscommunication sparked by cultural differences. That’s why this blog ran two series, edited by Dick Locke, on Overcoming Cultural Differences in International Trade and Cultural Intelligence. Before you work with a different culture, better get some cultural training.

Share This on Linked In

Keeping Your Industrial Control System Secure

Recently, the evil hackers have stepped up their assault with the design of viruses designed specifically to attack and exploit industrial control systems, including the Stuxnet worm specifically written to attack Supervisory Control and Data Acquisition (SCADA) systems, and, according to reports, Siemens control systems in particular.

As a result, you need to step up your efforts to secure your systems. How do you go about it? Start with the advice in this recent article in Industry Week that gives you “five keys to keep your industrial control system secure”.

  • Develop Security Awareness
    Viruses don’t just come from the internet. They also come from flash & USB drives that were infected on another computer. Be sure to install end-to-end anti-virus solutions and only copy / run new software after it has been scanned and determined to be virus free.
  • Do a Risk Assessment
    Determine the risk posed by each organizational system and lock it down appropriately. Mission critical systems or systems that control dangerous process or use dangerous materials should be locked down, and, if at all possible, taken completely off the internet.
  • Find the Legacy Systems
    Some of these systems might be so old that they are no longer supported. As a result, they’ll be especially vulnerable to new exploits as there will be no future patches to plug the holes and newer AV products will not support the legacy systems.
  • Triple Lock-down the Wireless Networks
    Now that Blackberries, iPhones, and Android devices can be used to control your network, the last thing you want is an open network that anyone with the right software and a mobile smartphone can use to log in locally and take control.
  • Communicate
    Talk to the IT people and keep abreast of the emerging security issues and have a plan to deal with them before they have their way with you.

Then do the following:

  • Lock down any output/display-only devices tighter than Fort Knox.
    Disable the USB / external drives, prevent installation of unauthorized programs downloaded over the internet, and make sure the approved anti-virus/anti-spyware programs can’t be disabled. It won’t prevent every threat, but it will prevent known threats from getting in and making more holes that other threats could exploit.
  • Do a regular security audit at least quarterly.
    You can’t just update your anti-virus programs once a year and assume everything is A-OK. Every install, every update, every new machine and new device is a risk. While you don’t need to go psycho and lock everything down and run a level 5 security threat assessment every week, you should run a basic set of scans and penetration tests once a quarter to make sure you or your staff haven’t inadvertently opened the back door wide open.

 

Share This on Linked In