Portals eNewsletters Web Seminars dataWarehouse.com DM Review Magazine
DM Review | Covering Business Intelligence, Integration & Analytics
   Covering Business Intelligence, Integration & Analytics Advanced Search

View all Portals

Scheduled Events

White Paper Library
Research Papers

View Job Listings
Post a job


DM Review Home
Current Magazine Issue
Magazine Archives
Online Columnists
Ask the Experts
Industry News
Search DM Review

Buyer's Guide
Industry Events Calendar
Monthly Product Guides
Software Demo Lab
Vendor Listings

About Us
Press Releases
Advertising/Media Kit
Magazine Subscriptions
Editorial Calendar
Contact Us
Customer Service

RFID Value Chain:
RFID and Supply Chain Security: Obstacle or Opportunity?

online columnist Marlo Brooke and James Williams     Column published in DMReview.com
October 27, 2005
  By Marlo Brooke and James Williams

To visualize the concept of supply chain, it is natural to think about links in a chain. Of course, we all learned in kindergarten that a chain is only as strong as its weakest link. Supply chain security reflects that well-used metaphor.

Supply chain security involves a great many areas of risk and exposure. It has systemic problems similar to plant and office security, but it is exponentially more complex than that. Because supply chain involves external trading partners, focusing on only internal, company-centric controls is not enough. Globalization among small and mid-sized companies has increased security complexities for the average company. We must not only secure against inclement weather, shrinkage, vandalism and drugs, but the all too real possibility that a terrorist device might be inserted into a shipping container along the way.

Sound risky? Expensive? Only if we look at surface level. For there is an opportunity here and replacing rusty and tattered links with stronger and better forces can render some interesting results. Security in supply chain is a priority motivated not just by fear, but by a chance for competitive edge on a worldwide scale. This is because more and more global multibillion-dollar organizations are giving preferential treatment to suppliers who can clearly articulate and execute a solid supply chain security strategy.

One of the most well-touted supply chain security technologies is RFID. But like any other mechanism, RFID is only one tool in supply chain security, and it must be integrated into an overall strategy, implemented effectively and monitored closely to produce tangible results. This must be implemented into a system of redundancy to insure the health and viability of the supply chain.

When meeting with CEOs and executive vice presidents, we are constantly amazed by how many companies have never performed a security audit nor created an overall integrated security plan. We cringe at the risk exposure this lends to executive management and shareholders, not to mention the company's overall health. We have had ample examples recently of the effects of the weather on the supply chain, but how many companies have modified their logistics or even conducted a review of their strategies? For a smaller company, one breach in supply chain security could literally jeopardize the ability to sell into an entire country. Considering the risk, the small investment in creating a robust plan is well justified.

The first level of security is access control and, herein, RFID has been added to the mix of control systems, usually in the form of passive RFID badges. RFID badges offer flexibility and ease of access, but the very nature of RFID - being wireless - makes theft of its information easier. Because most badges respond to queries from readers that are nearby, the badge information may be stored and cracked at the hacker's leisure. Avi Rubin of John Hopkins University exposed an example of this vulnerability in Texas Instrument's (TI) SpeedPass system. Rubin was able to crack TI's 40 bit encrypted data in a very short time. This points to the need to use systems with much better encryption, and for very sensitive areas, possibility the use of encrypted readers, which would not trigger the tag to release its data until after an encrypted authentication handshake. Also, badges must be just a part of an overall security plan that includes locks, encryption and various forms of biometric recognition.

Companies must also get serious about a much wider use of Web-based and enterprise encryption. Every day, emails and other electronic documents that contain credit card, banking and proprietary information, are sent in the clear around the world.

Since the primary forms of shipping are truck and intermodal containers, companies should also look to improved container- and truck-level tracking and reporting systems. Global and radio-based RFID tracking systems are now being deployed, but they only offer partial protection. RFID systems that also record access, events and changes are needed to improve the security picture. The current method of relying on Seal systems is too easily defeated or forged. A container that has been entered and either had things removed or added to it might never be detected until it was too late. An RFID device that records such events and signals the information to the company and authorities can literally be a lifesaver.

There are many other RFID solutions that can improve supply chain security, but as with all RFID applications, they will only provide their full benefits to those companies that have a well-constructed plan for implementation as part of their overall security program, which includes data integrity, redundancy and integration from the beginning.

As with all such projects, everything starts with the phrase made famous by Deon Nel, senior practice leader at Avatar Partners. As Nel puts it, "Be sure to ask, 'What if.'"

  • What if there was a hurricane that destroyed our shipment or made shipping to or from an area impossible?
  • What if there was a dock strike that tied up the port for six months?
  • What if there was a trucking strike that made our normal shipping routes impossible?
  • What if someone stole a critical shipment of items, at the worst possible time?
  • What if someone was using our shipments to ship something extra into or out of the country?
  • What if someone was able to get extremely sensitive company information?

Selling supply chain security to a company is like selling insurance. Nobody wants to hear about it until the desperately need it, and by then it is usually too late. And yet, robustness and redundancy in the supply chain are essential, and security is not a nice to have, it is mandatory for competitive edge and survival. RFID can be an important component of that mix when properly applied.


For more information on related topics visit the following related portals...
RFID and Supply Chain.

Marlo Brooke and James Williams are principals at Avatar Partners (www.avatarpartners.com), an Irvine, California-based consulting organization specializing in end-to-end supply chain solutions, systems integration and Six Sigma. They lead a 25-consultant team that has helped many companies implement RFID and other supply chain optimization solutions. You can contact them at mbrooke@avatarpartners.com or jwilliams@avatarpartners.com.

E-mail This Column E-Mail This Column
Printer Friendly Version Printer-Friendly Version
Related Content Related Content
Request Reprints Request Reprints
Site Map Terms of Use Privacy Policy
SourceMedia (c) 2006 DM Review and SourceMedia, Inc. All rights reserved.
SourceMedia is an Investcorp company.
Use, duplication, or sale of this service, or data contained herein, is strictly prohibited.