White Paper ERM
Format: ZIP file
Language: EN & DE
Publication date:
3.
2014
Preview
Projectgroup: SP2
Abstract
A close business relationship between project partners and suppliers is a necessary part of developing innovative products. This requires a continuous, secure exchange of documents in both directions – at an increasingly rapid pace and often with many partners at the same time. And all while preventing sensitive company information from falling into the wrong hands.
Exchanging information used to be comparable to playing volleyball: “We are on one side and we know all of the players on the other team.” Today, the situation is more like basketball: All of the players on the court are constantly changing positions at a rapid pace.
Each development project develops its own individual dynamics, challenges, and complexity. In all of this it can be easy to lose sight of the project as a whole, and carelessness, ignorance, or hastiness can result in data being insufficiently protected or forwarded to the wrong parties. For example, what happens to data stored on a partner’s hard drive after the project is over? Is this data really deleted? Or does it just sit around on the partner’s computer, perhaps even waiting to be used as a sample project for a new acquisition?
In addition to human error, criminal intent must not be ignored; parties may intentionally forward information to the competition or engage in targeted industrial espionage. For example, spies are often sent to infiltrate medium-sized companies to collect product information over a period of several months. The damage this causes to the German economy increases year on year: decreasing revenue, loss of a company’s position on the market, contractual penalties imposed by a project partner, or even the end of an otherwise successful long-term client relationship. In addition, if fake or low-quality replacement parts cause accidents which result in personal injury or damage to property, this can ruin a company’s good reputation.
So what can we do about it? Should we be afraid of the complexity of the challenges that face us and just wait for the perfect, comprehensive IT system to materialize?
Or should we start here and now to look for practical, viable solutions to help us effectively close potential gaps in security in some initial, manageable areas of the organization today?
To do this, we must use the tools at our disposal to create mechanisms that can automatically manage the ways in which parties access and transfer documents. The experiences we derive from this process help to shape rules and guidelines for actions that can be used to establish trustworthy relationships with future collaboration partners more quickly. In today’s business world it still takes far too long for project partners to successively eliminate all individual security concerns and agree upon a common way in which to proceed.