The Pandemic has disrupted supply chains around the world for a wide range of goods, including electronics and other crucial pieces of IT equipment.   Supplier relationship management has been put to task. Companies struggle to source needed parts, manage inventories and more.  The current situation is undoubtedly causing stress for IT leaders. This unique situation also gives organizations the opportunity to reset their IT supply chain visibility and security policies.

Demand + Shortages = Extended Lead Times

The initial pandemic-driven remote-work mandate appears to be a permanent shift in many workers converting to a hybrid or full-time telework. This in turn led to a surge in electronics sales.  With both increased demand and the fallout from recovering closures and continuing understaffed factories in China, this created a domino effect of shortages of both laptops and datacenter to edge supporting architecture.  As 2022 kicks off, average lead-times for laptops and displays are 16 weeks, 8 to 16 weeks for servers and storage and 8 weeks to 9 months for networking gear.

Security Risks and New Requirements

The supply chain shortages create several risks for IT professionals. This includes third-party service providers’ physical or virtual access to information systems, software or intellectual property; poor information security practices at lower-tier suppliers; compromised software or hardware purchased from suppliers; and software security vulnerabilities in supply chain management or supplier systems.

To combat these new risks, many agencies are incorporating new security requirements into every request for proposal and contract, including the following:

• Having a security team work onsite with any new vendor to address any vulnerabilities or security gaps
• A “one strike and you’re out” policy regarding vendor products that are either counterfeit or do not meet specifications.
• Tightly controlled component purchases
• Secure software lifecycle development programs and training for all engineers in the product lifecycle
• A security handshake between software and hardware. This is where a secure booting process looks for authentication codes and will not boot if the codes are not recognized.

Most importantly, working together with suppliers is more important than ever. Especially this is prevalent in small or mid-size private companies who want to be nimble enough to juggle resources to help one customer without hurting another.   Small to mid-sized private suppliers are often more flexible with financial options. These options include accelerating payments and changing contract terms so receivables are more easily factored, providing a dynamic discounting program or leveraging supply-chain finance programs.

Long-Term Order Forecasts

Letting the supplier have longer-term order forecasts will ensure priority status for supply delivery.  Likewise, make a point to report supply constraint updates monthly. This will allow insight into the changing supply recovering times.  The more a supplier can rely on and trust what it’s hearing from a customer, the more it can make the critical business decisions that can help it get through the crisis.

By addressing supply chain visibility and security now, companies will get through the current crisis.  This will make their IT supply chains more resilient and secure in the years to come.