Warehouse and Inventory Management Blog for eCommerce Retailers and 3PLs | Infoplus Commerce

4 Realities Your Warehouse and Logistics Teams Must ‘Come to Grips With’ About Cybersecurity

Written by The Infoplus Team | Oct 17, 2018 4:03:22 PM

Everyone has known for years that cybersecurity is a big deal. The real wonder is that fulfillment and warehousing operations are not talking about it more with their IT departments. Warehousing and supply chain are particular points of vulnerability, and having a completely secure WMS is a modern necessity.

Let’s break down this argument into four realities, and a conclusion.

Reality 1: Internal Systems Cannot Keep Up With Cybersecurity

Companies that use internal WMS, logistics, and supply chain systems are vulnerable to attack, especially if the company is larger in size. This means providing not only the software and hardware for those systems, but also up-to-date cybersecurity systems. This can quickly balloon the IT budget and make internal systems costly (or, worse, woefully out of date).

Reality 2: Partners Are Already Sharing Data Via the Internet

The logistics game is already rife with data transfer via the internet. Vendors and partners both up and down the supply chain already exchange large amounts of data to fuel real-time insights, track the location of products, and more. Every point of data transfer is already a point of potential vulnerability.

Reality 3: New Technologies Are Necessitating the Move to the Cloud

So why not move to cloud systems? Indeed, IoT and mobile are expanding what technology can do and where, which means that logistics solutions and WMSs are, of necessity, moving to the cloud and transmitting data across widely dispersed networks. All systems involved will have to be robust and proactive in thwarting cyberattacks.

This is easier than having each proprietary internal system do updates piecemeal. Cloud solutions can be hosted on secure platforms that are updated regularly. This spreads the cost of updates across many platforms, making up-to-date cybersecurity much more cost effective. The same goes for regular audits and testing.

Reality 4: Hacking of Logistics Systems is Not Innocuous

So what can potentially happen if an outside entity gains access to the data in your WMS? You might think that customer payment information is all they are really after. Alas, there is much more harm that an attacker could potentially do; for example, they could:

  • Steal other customer information (addresses, items ordered, etc.)
  • Manipulate freight systems
  • Install ransomware
  • Misrepresent data
  • Stop or delay orders
  • Trigger unnecessary orders

(Here is an even scarier thought: It is estimated that only about 25% of “cybersecurity” issues directly involved an attempted crime. Human error, equipment failure, software bugs, and incompatibility of systems can just as easily cause any of the above problems!)

Conclusion: Having a Completely Secure WMS is a Modern Necessity

Having a completely secure WMS is necessary to prevent the above problems, to the extent that you can. As hinted above, one of the best ways to do this is to invest in a cloud-based WMS where the underlying platform has the latest and greatest in terms of security.

For example, our own Infoplus is hosted on Amazon’s platform, Amazon Web Services (AWS). AWS is widely believed to be one of the most trusted providers of cloud computing, with excellent cloud security and services. Infoplus itself takes advantage of AWS’ 256-bit encryption so that access is secure, no matter what device you are using.

We also take it upon ourselves to do regular product updates, many of which include additional security updates. This helps us guarantee that our clients’ data will be safe, even as they seek to integrate their system both internally and with external partners and vendors.

Without such care being taken, what would happen to your data? Would it really be safe over the long run? Would there really be no consequences if someone had inappropriate access to it? Put this way, the need for a completely secure system should be obvious.

P.S. We Want to Know!

If you are an Infoplus user and you have discovered any potential security vulnerability, please see our policy on Responsible Disclosure. Notify us by submitting a support site ticket. Publicly disclosing a security vulnerability without informing us first puts the community at risk. When you notify us of a potential problem, we will work with you to make sure we understand the scope and cause of the issue. Thanks!