If you and your sales team don’t understand the importance of secure supply chain (SSC) management to government agencies, you need to learn about it fast or risk losing federal business, according to Larry Allen, president of Allen Federal Business Partners and valued advisor to Comstor and Westcon.
Recently, we spoke with Allen about secure supply chain management and he made recommendations for Comstor partners who sell into the federal market. Allen stressed that partners need to be aware that all of their fed customers are putting SSC at the forefront of their federal IT acquisition decisions. This focus started at the Department of Defense (DoD) several years ago and has expanded since. Not understanding the importance of SSC, federal requirements, as well as benefits and potential pitfalls, can make or break your federal business, according to Allen.
“If you don’t have a secure supply chain, which means you must have evidence of cradle-to-grave management of your supply chain down to the component level, it can preclude from doing biz with the DoD,” said Allen. “That means that you, the contractor, must have a system in place to keep track of every component in your chain, at every step of the way.”
The National Institute of Standards and Technology has series of security baseline standards to which contractors are expected to adhere. “Contractors must be familiar with NIST standards,” Allen explained, “and be able to show that the people who are putting the components together are authorized manufacturers and they are getting there components from trusted sources. Integrators also must be authorized and be using authorized tools.”
In addition to understanding secure supply chain, Comstor partners must be able to educate their end customers in agencies about it. “Partners can’t assume their fed customers know about the requirements, so becoming as educated as possible about SSC will put you in a better position with your end customers,” he explained. “They may know some, if not all of the requirements . . . and then could make an inappropriate acquisition decision that won’t serve their agency well.”
Secure supply chain requirements also will soon be included in GSA contracts, so no matter which contract a Comstor partner has or is selling through, Allen says you will see an increased emphasis on it and will have to show compliance with it.
Listen to the podcast and details about SSC below.
For detailed information about NIST standards and other regulations surrounding SSC, download the full PDF here.