This insightful article by VentureBeat features a fantastic interview with Gary Storr, General Manager of Trust Your Supplier. Chainyard’s experience with blockchain technology has been a differentiating factor for TYS, an example of the innovative use of blockchain for any industry that requires trusted relationships.
Join us this week at our Hyperledger Global Forum sessions to explore how we are helping companies innovate their businesses.
Join Lightning Demo: Supplier Digital Passport using Trust Your Supplier – Michelle Armstrong, Chainyard
Join Panel: Consortium Building Through Business Value – Gary Storr, Trust Your Supplier; Pia Gaviria-Desvernay, British Telecom; Eric Evans, Rapid Ratings; Manikandan PY, Schneider Electric; Nuno Pedro, Nokia
Join Session: Supply Chain Security – Tackling Compliance, Fraud and Counterfeiting – Mohan Venkatamaran CTO & Isaac Kunkel, SVP Consulting Services
Register to attend and join us there! https://bit.ly/2RfKiWe
By Ravi Sabhikhi
The exchange of information is crucial to business operations across all industries. Cyber security, confidentiality and data privacy are common concerns with document exchanges and other forms of data transfer. Trust Your Supplier (TYS), owned & operated by the blockchain services and solutions company Chainyard, recognizes that these issues are critical to network participants. In response, Chainyard has successfully completed SOC 1 & SOC 2 Type 2 examinations to further cement our commitment to meeting the utmost in data security requirements.
At Chainyard, data security and data privacy are in our DNA. We ensure our clients’ security concerns are addressed across multiple areas. Chainyard built TYS, one of the largest supplier discovery and information management permissioned blockchain solutions, using a Hyperledger Fabric framework. This adds protection to the network by safeguarding the digital keys that access the data.
Deployed on the IBM Public Cloud using the IBM Blockchain Platform, TYS adheres to all IBM Data Center security policies. The TYS production team also runs daily vulnerability scans along with minute-to-minute logs and can generate system alerts for any anomaly, notifying the appropriate people to take immediate action as required. These defined processes using state of the art technologies ensure Chainyard protects its devices and network against cyber attacks.
On the development side, the TYS team uses an Agile SDLC process where every user story is documented, and security concerns are addressed before each release of the TYS application.
At Chainyard we constantly monitor and adapt to the evolving and increasingly complex privacy landscape. The public awareness of privacy has grown over the past few years and was an instrumental factor in passing legislation such as the California Consumer Privacy Act of 2018 (CCPA), and more recently, the California Privacy Rights Act of 2020 (CPRA). While Europe has led the way with GDPR compliance, more states and countries are developing their own data privacy laws, such as South Africa’s Protection of Personal Information Act (often called the POPI Act or POPIA).
The TYS SaaS application is GDPR, POPIA, and CCPA compliant , with policies and procedures in place for data encryption in motion and at rest. Penetration tests (PEN tests) are performed multiple times a year by IBM X-Force Red in order to discover any security gaps and data vulnerability and perform security checks on the web interface and other access interfaces. All PEN test findings are reported and fixed in priority, as required by their severity level. PEN test reports are available upon customer request.
Chainyard continues to demonstrate its strong focus on the privacy and security of our clients’ data by proactively and successfully completing Type 2 SOC 1 and SOC 2 examinations this year. This allows our clients to maintain peace of mind as they focus on improving lives and reducing costs. Mohan Venkataraman Chainyard, CTO, added that “our recent SOC 1 & SOC 2 certification is only one aspect of our growing infrastructure security program that includes, among other things, ongoing data privacy and confidentiality enhancements and platform security improvements to guard against cyber security threats”.
Established by the American Institute of Certified Public Accountants (AICPA), SOC 1 and SOC 2 examinations are designed for organizations across all industries and scope to ensure the personal and business assets of their potential and existing customers are protected. SOC 1 and SOC 2 reports are recognized globally and affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally audited by a third party. Chainyard’s SOC exams were led by A-LIGN ASSURANCE (A-LIGN), an independent auditing firm focused on industry-leading security and compliance, and trusted by more than 2,500 global organizations.
A-LIGN’s Type 2 SOC 1 and SOC 2 audits of Chainyard’s infrastructure and internal processes revealed no exceptions, affirming that our company’s security policies, data protection, and privacy protocols meet or exceed the highest industry standards. These SOC examinations reinforce Chainyard’s commitment to information confidentiality and data security on the Trust Your Supplier network, and we plan to continue maintaining and re-evaluating our policies and measures to maintain this standard of excellence.
Chainyard will perform SOC 1 and SOC 2 audits on an annual basis and make the reports available to current clients upon request and to potential clients upon execution of a non-disclosure agreement. If you are interested in viewing these SOC reports, please contact us.
Historically, procurement has considered themselves the ‘gatekeepers’ for enterprise contracts and supplier relationships. Information was regarded as power, especially if it could give them an upper hand in supplier negotiations. That paradigm no longer works.
Today’s procurement organizations are not only beginning to empower distributed buyers to make more and more independent decisions about suppliers, they are working towards stronger, more trust-based partnerships with those suppliers.
In this episode of Digital Transformers, powered by Supply Chain Now, hosts Kevin L. Jackson and Kelly Barner welcome Gary Storr and April Harrison with Trust Your Supplier to the podcast to discuss supplier management using blockchain:
· The importance of establishing mutual trust in a digitally transformed business environment and how specific technologies can help companies achieve that at scale
· How blockchain can not only increase the trust factor of supplier information, it can also prevent suppliers from having to manually make updates across a range of customer systems
· Ways in which the past year has helped procurement see just how reliant they are on their suppliers
Listen to the episode here.
by April Harrison
A trusted supplier identity is the keystone of our Trust Your Supplier (TYS) platform. TYS provides organizations a trusted exchange of information across an encrypted blockchain environment to minimize risk & fraud throughout the onboarding and life cycle of partnerships. Our value proposition relies on ensuring identity control and privacy for network participants.
The exchange of information is crucial to business operations in all industries. Conventional systems are open to fraud, error and inefficiency. These manual processes lack data security and each participant has their own separate database, or ledger — increasing the possibility of human error or fraud. Shared databases cannot prevent malicious activity. Hacked entities can corrupt or destroy data in the shared database, making it invalid for everyone involved.
Blockchain is designed for trust and secure trading, reducing vulnerabilities. It provides clear provenance and a single, shared, tamper-evident ledger. Once recorded, transactions cannot be altered. This is ideal for supporting auditing capabilities as it provides an immutable relationship history between parties.
The TYS supplier profile data is sovereign, owned & controlled by the supplier, who can selectively share additional profile information with companies they choose to connect with on the network.
This single, digital identity for suppliers can be shared with multiple buyers and business networks. A 2-tiered supplier profile approach allows suppliers to be discovered by new customers without handing over unlimited access to their data.
To learn more about this innovative new approach to supplier identity that is transforming supplier relationships, please visit www.TrustYourSupplier.com
by Gary Storr
Today in the world of Supplier Information Management speed and risk mitigation are tremendously important in establishing the partnerships so critical to business growth and success. Unfortunately, most organizations have been unable to address these challenges. Did you know that the typical timeframe to onboard a new supplier within many enterprise organizations is more than 30 days? In a world where speed is currency, that can have a huge impact on a business’s ability to pivot, grow, and innovate. A lot of that has to do with the information required to vet a new supplier, and the work required to do that vetting. Numerous spreadsheets, portals, systems, and unsecured document exchanges make this a very cumbersome process. And on the supplier side, each customer demands this same information, creating an incredibly repetitive and non-value added work effort. In summary, it’s a lot of inefficiencies and unnecessary attracted cost for everyone.
Trust Your Supplier (or TYS), addresses these pain points and more. Built on IBM Blockchain, TYS is a strategic collaboration between Chainyard and IBM and a revolutionary solution that brings efficiency and optimization to address these challenges. It’s compellingly different than any supplier management network in operation today. Simply put, TYS creates a Trusted Source of Supplier Information and Digital Identity that simplifies and accelerates Supplier Onboarding and Lifecycle Management. Supplier-provided trusted data, their identity, is used by buyers to validate and manage the partnership. It’s immediate access to real-time data that generates massive savings and reduction of risk. The value proposition is compelling for suppliers too. The single blockchain-based profile eliminates redundant submission of the same information multiple times to different buyers and reduces time to the first transaction and ultimately when they get paid. They are also discoverable on the network, creating opportunities for new business with other buyers on the network.
And the game-changer is the TYS Data Marketplace. Similar to an App Store on your mobile device, this marketplace is a collection of gold-standard services available from firms that are the world’s leading authorities on financial health, sustainability, risk & resilience, and a host of other capacities that help evaluate the performance of your partners. Renowned firms like Dun & Bradstreet, Rapid Ratings, Ecovadis, and many others offer their services directly on the network where their ratings, scores, and evaluations are aggregated into a single, seamless view for the user. This dramatically reduces the time required to conduct due diligence and qualify a partner, saving time and cost. Best of all, free content is available from practically all of these providers, while advanced premium services are can be purchased ala carte to meet your specific needs.
To ensure state of the art, enterprise-grade trust, TYS is built on Blockchain, creating a decentralized system that is not controlled by a single company. It can quickly become a global standard for supplier and buyer collaboration as well as increasing the participation of third parties who can provide services into this neutral environment.
It’s clear the new normal in supplier management centers on trust. Knowing and trusting your suppliers, in corporate responsibility, sustainability, diversity, financial stability, and a host of other areas are key to ensuring enterprises can responsibly conduct business. Suppliers need to build that trust and continually demonstrate this commitment to their partners. The partnership has never been so important.