SOC Reports Show Trust Your Supplier and Chainyard’s Commitment to Data Privacy

By Ravi Sabhikhi 

The exchange of information is crucial to business operations across all industries. Cyber security, confidentiality and data privacy are common concerns with document exchanges and other forms of data transfer. Trust Your Supplier (TYS), owned & operated by the blockchain services and solutions company Chainyard, recognizes that these issues are critical to network participants. In response, Chainyard has successfully completed SOC 1 & SOC 2 Type 2 examinations to further cement our commitment to meeting the utmost in data security requirements. 

At Chainyard, data security and data privacy are in our DNA. We ensure our clients’ security concerns are addressed across multiple areas. Chainyard built TYS, one of the largest supplier discovery and information management permissioned blockchain solutions, using a Hyperledger Fabric framework. This adds protection to the network by safeguarding the digital keys that access the data. 

Deployed on the IBM Public Cloud using the IBM Blockchain Platform, TYS adheres to all IBM Data Center security policies. The TYS production team also runs daily vulnerability scans along with minute-to-minute logs and can generate system alerts for any anomaly, notifying the appropriate people to take immediate action as required. These defined processes using state of the art technologies ensure Chainyard protects its devices and network against cyber attacks.

On the development side, the TYS team uses an Agile SDLC process where every user story is documented, and security concerns are addressed before each release of the TYS application.  

At Chainyard we constantly monitor and adapt to the evolving and increasingly complex privacy landscape. The public awareness of privacy has grown over the past few years and was an instrumental factor in passing legislation such as the California Consumer Privacy Act of 2018 (CCPA), and more recently, the California Privacy Rights Act of 2020 (CPRA). While Europe has led the way with GDPR compliance, more states and countries are developing their own data privacy laws, such as South Africa’s Protection of Personal Information Act (often called the POPI Act or POPIA). 

The TYS SaaS application is GDPR, POPIA, and CCPA compliant , with policies and procedures in place for data encryption in motion and at rest. Penetration tests (PEN tests) are performed multiple times a year by IBM X-Force Red in order to discover any security gaps and data vulnerability and perform security checks on the web interface and other access interfaces. All PEN test findings are reported and fixed in priority, as required by their severity level. PEN test reports are available upon customer request.  

Chainyard continues to demonstrate its strong focus on the privacy and security of our clients’ data by proactively and successfully completing Type 2 SOC 1 and SOC 2 examinations this year. This allows our clients to maintain peace of mind as they focus on improving lives and reducing costs. Mohan Venkataraman Chainyard, CTO, added that “our recent SOC 1 & SOC 2 certification is only one aspect of our growing infrastructure security program that includes, among other things, ongoing data privacy and confidentiality enhancements and platform security improvements to guard against cyber security threats”.

Established by the American Institute of Certified Public Accountants (AICPA), SOC 1 and SOC 2 examinations are designed for organizations across all industries and scope to ensure the personal and business assets of their potential and existing customers are protected. SOC 1 and SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally audited by a third party.  Chainyard’s SOC exams were led by A-LIGN ASSURANCE (A-LIGN), an independent auditing firm focused on industry-leading security and compliance, and trusted by more than 2,500 global organizations.  

A-LIGN’s Type 2 SOC 1 and SOC 2 audits of Chainyard’s infrastructure and internal processes revealed no exceptions, affirming that our company’s security policies, data protection, and privacy protocols meet or exceed the highest industry standards. These SOC examinations reinforce Chainyard’s commitment to information confidentiality and data security on the Trust Your Supplier network, and we plan to continue maintaining and re-evaluating our policies and measures to maintain this standard of excellence.  

Chainyard will perform SOC 1 and SOC 2 audits on an annual basis and make the reports available to current clients upon request and to potential clients upon execution of a non-disclosure agreement. If you are interested in viewing these SOC reports, please contact us.

 

The Trust Your Supplier (TYS) Network Welcomes GEODIS

GEODIS, a logistics company providing expertise in Supply Chain Optimization, Freight Forwarding, Contract Logistics, Distribution & Express and Road Transport, has joined the Trust Your Supplier network. 

By joining TYS, GEODIS will have access to a single, aggregated view of complete supplierprovided details presented alongside authoritative thirdparty information. GEODIS’ suppliers will benefit by eliminating manual repetitive process, experiencing an acceleration of qualification & onboarding processes, and gain the potential for new business opportunities.

We would like to extend a warm welcome to GEODIS, along with their suppliers, to the TYS network!

 

April Harrison Blog 0 Comments

Digital Transformers: Supplier Management Using Blockchain

Historically, procurement has considered themselves the ‘gatekeepers’ for enterprise contracts and supplier relationships. Information was regarded as power, especially if it could give them an upper hand in supplier negotiations. That paradigm no longer works.

Today’s procurement organizations are not only beginning to empower distributed buyers to make more and more independent decisions about suppliers, they are working towards stronger, more trust-based partnerships with those suppliers.

In this episode of Digital Transformers, powered by Supply Chain Now, hosts Kevin L. Jackson and Kelly Barner welcome Gary Storr and April Harrison with Trust Your Supplier to the podcast to discuss supplier management using blockchain:

· The importance of establishing mutual trust in a digitally transformed business environment and how specific technologies can help companies achieve that at scale

· How blockchain can not only increase the trust factor of supplier information, it can also prevent suppliers from having to manually make updates across a range of customer systems

· Ways in which the past year has helped procurement see just how reliant they are on their suppliers

Listen to the episode here.

RapidRatings Expands Partnership with Trust Your Supplier by Joining as a Buyer

As a TYS business partnerRapidRatings provides actionable insights into the Financial Health stability (FHR) of public and private companies around the world. 

RapidRatingsrecognizing the value proposition of Trust Your Supplier, is inviting their suppliers to the TYS network!

RapidRatings‘ experience as a TYS business partner has given them an opportunity to view the TYS platform in action, solidifying the value they will garner for their own procurement team and suppliers. This recognition of merit is a significant testimony to Trust Your Supplier. 

Trust Your Supplier values this additional partnership and welcomes RapidRatings, along with their suppliers, to the TYS network. 

Learn more at https://trustyoursupplier.com/tys-buyers/rapidratings/  

SourceConnecte Joins the Trust Your Supplier (TYS) Network

SourceConnecte is an online, blockchain enabled, B2B marketplace designed to facilitate discovery and continuous interactions between global-scale enterprise buyers and thoroughly vetted, suppliers. This Industry 4.0 marketplace has three strategic goals:

  • Efficiently leverage modern social media technologies to facilitate value-based interactions between enterprise buyers and vetted suppliers;
  • Establish a protected interactive environment capable of supporting high value B2B e-commerce negotiations and transactions; and
  • Exploit Industry 4.0 technologies to build and operate a strategic high value supply chains between diverse suppliers and global enterprises.

SourceConnecte was founded in collaboration with The Diverse Manufacturing Supply Chain Alliance (DMSCA). DMSCA is a Washington, D.C. area based nonprofit organization formed to provide direct development support to select diverse manufacturing suppliers towards their achievement of operational excellence, sustained engagement and business development, and continuous improvement in industry group segmented digitized supply chains.

By joining TYS, SourceConnecte’s suppliers will benefit by eliminating manual repetitive process, experiencing an acceleration of qualification & onboarding processes, and gain the potential for new business opportunities.

“SourceConnecte is proud to extend and expand our partnership with TrustYourSupplier. Trust in B2B electronic commerce is built on validated and verified data. That is why our partnership with TYS represents the Industry 4.0 solution for accelerating and securing the global supply chain.” – Kevin Jackson, COO, SourceConnecte

We are thrilled to welcome  SourceConnecte, along with their suppliers, to the TYS network!

Learn more at https://trustyoursupplier.com/tys-buyers/sourceconnecte/ 

The Value of a Blockchain-Based Identity

by April Harrison

A trusted supplier identity is the keystone of our Trust Your Supplier (TYS) platformTYS provides organizations a trusted exchange of information across an encrypted blockchain environment to minimize risk & fraud throughout the onboarding and life cycle of partnerships. Our value proposition relies on ensuring identity control and privacy for network participants. 

The exchange of information is crucial to business operations in all industries. Conventional systems are open to fraud, error and inefficiency. These manual processes lack data security and each participant has their own separate database, or ledger — increasing the possibility of human error or fraud. Shared databases cannot prevent malicious activity. Hacked entities can corrupt or destroy data in the shared database, making it invalid for everyone involved. 

Blockchain is designed for trust and secure trading, reducing vulnerabilities. It provides clear provenance and a single, shared, tamper-evident ledger. Once recorded, transactions cannot be altered. This is ideal for supporting auditing capabilities as it provides an immutable relationship history between parties. 

The TYS supplier profile data is sovereign, owned & controlled by the supplier, who can selectively share additional profile information with companies they choose to connect with on the network. 

This single, digital identity for suppliers can be shared with multiple buyers and business networks. A 2-tiered supplier profile approach allows suppliers to be discovered by new customers without handing over unlimited access to their data. 

To learn more about this innovative new approach to supplier identity that is transforming supplier relationships, please visit www.TrustYourSupplier.com 

Trust Your Supplier on Insureblocks Podcast

“Gary Storr, General Manager of Trust Your Supplier by ChainYard, explained to us some of the challenges that the supplier information management industry is facing with disparate sources of information and the role blockchain can help to mitigate them. In this podcast you will hear how Trust Your Supplier creates a trusted source of supplier information and digital identity that simplifies and accelerates supplier onboarding, lifecycle management and the seamless exchange of information.” – Insureblocks Podcast

Nokia Announcement

Nokia Officially Launches Onboarding of Suppliers into Trust Your Supplier

Nokia, a leader in the telecom industry, has announced the availability for their suppliers to transition to Trust Your Supplier as part of their digital strategy. By adapting TYS, Nokia aims to improve and expedite Nokia’s supplier qualification, validation, & life-cycle information management. Sanjay Mehta, Nokia’s VP Mobiles Networks Strategy talks about how TYS will be a game-changer for Nokia in this video.

By joining TYS, Nokia’s suppliers will benefit by eliminating manual repetitive process, experiencing an acceleration of qualification & onboarding processes, and gain the potential for new business opportunities.

“Working with IBM and Chainyard on this blockchain initiative represents a great opportunity for Nokia to further enhance our suppliers’ experience and optimize the onboarding process,” said Sanjay Mehta, Vice President Mobile Networks Strategic Sourcing, Nokia. “Using the latest technology to address a classical challenge will be of benefit for everyone, and further increase the speed of using innovative solutions.”

Trust Your Supplier values this partnership and welcomes Nokia, along with their suppliers, to the TYS network.

Learn more at www.TrustYourSupplier.com/Nokia