The prevalence of procurement software and other related programs in materials acquisition has obligated users to find new ways to secure their data. Digital intelligence collected from sensors, expense reports and other sources are often aggregated onto cloud servers where the information can be dissected by data analytics. Though this technique provides suppliers with valuable insight, it opens up avenues that hackers could exploit.
Too good to ignore
With security considered, the benefits associated with spend management cannot be ignored. Many of these programs sync with automated invoicing, allowing companies to quickly process and file purchase orders. This electronic workflow allows organizations to quickly and efficiently determine which expenses are congesting budgets and where savings can be achieved.
According to Supply Management, Head of Indirect Procurement at textile manufacturer CWS-boco Marcin Chramega stated that his centralized team managed about 40 percent of the company's $278 million annual indirect spend with the assistance of an expense analysis program. Chramega noted that the software allowed his department to eliminate operational inefficiencies, in addition to helping him deduce how the company can save money.
"I will show all these misses and gaps with the assessment of the data," said Chramega. "This will help me to drive the business and procurement to the next steps."
Where the challenges lie
However, with electronic invoicing comes avenues through which malevolent figures could gain access to company networks, meaning that business account information could be compromised. Dean Wiech, managing director of Tools4ever, a company offering robust identity and access management software, stated in an interview with Manufacturing.net that data protection is just as much a part of distribution as procurement and spend management. Wiech noted that companies should implement policies that allow access to financial information only when it's absolutely necessary.
Although Wiech believes that manufacturers and distributors alike are cognizant of data security, there are three components that they may be neglecting:
- The use of role-based access control arrangements to prevent unauthorized people from accessing sensitive information.
- When a worker's responsibilities shift, firms need to ensure their security permissions are appropriately updated.
- Once an employee leaves an organization, his or her database entry must be terminated immediately.