Shipments of Laptops and Servers Are Delayed
According to research firm NPD, the shift to telework has led to a surge in electronics sales. As users started to work remotely due to stay-at-home orders, there was a predictable rise in peripherals sales; computer monitor sales almost doubled to 80,000 units during the first two weeks of March, while mouse, keyboard and notebook PC sales jumped 10 percent.
However, there have since been reports of hiccups in the supply chain, and there are now clear shortages of laptops and other IT gear thanks to both increased demand and the fallout from initial closure of factories in China early in the pandemic.
Mikako Kitagawa, a director analyst at research firm Gartner, tells the Journal there are delays in getting gear to the U.S. due to restrictions on commercial flights from China. That has pushed out the expected delivery of enterprise laptop orders.
“They’re built, they’re sitting on the docks in China. But getting them here has been a challenge. These are from PC and server companies, across the board. The biggest issue is shipping stuff right now, especially out of Asia,” Jim McGregor, principal analyst at research firm TIRIAS, tells the Journal.
Time to Think About Supply Chain Visibility and Security
While it is clear that supply chain disruptions are affecting the ability of agencies and other organizations to get badly needed IT equipment, the situation is forcing some changes.
In April, UPS Supply Chain Solutions announced warehouse network technology designed to make distribution centers smarter and more efficient.
The company’s Warehouse Execution System will “enable faster order intake and fulfillment to ensure that customers, especially those with fluctuating order patterns, receive their products on time.”
The new system enables UPS to “define specific customer requirements to ensure highest priority orders are worked first without manual intervention, resulting in more than 50% productivity gains for some customers,” according to a press release. WES real-time monitoring of capacity, fulfillment requirements, backlogs and labor status lets UPS identify and resolve potential disruptions before they arise.
Agencies should work with partners such as UPS, their suppliers and software companies to get more real-time visibility into their supply chains. Without that visibility, it will be very difficult for procurement officials and their IT decision-making partners at agencies to plan for incoming shipments and decide when more supplies are needed.
Security is also paramount. Now is a good time to brush up on and further implement recommendations from the National Institute of Standards and Technology on cyber supply chain risk management.
Risks come from a variety of sources, NIST notes, including third-party service providers’ physical or virtual access to information systems, software or intellectual property; poor information security practices at lower-tier suppliers; compromised software or hardware purchased from suppliers; and software security vulnerabilities in supply chain management or supplier systems.
Some of the best practices NIST recommends agencies embrace include ensuring security requirements are included in every request for proposal and contract; having a security team work onsite with any new vendor to address any vulnerabilities or security gaps; and a “one strike and you’re out” policy regarding vendor products that are either counterfeit or do not meet specifications.
Others include tightly controlled component purchases, secure software lifecycle development programs and training for all engineers in the product lifecycle, and a security handshake between software and hardware in which a secure booting process looks for authentication codes and will not boot if the codes are not recognized.
The current supply chain disruptions are troublesome and causing disorder at a time when state and local governments need to be agile in response to the public health crisis. However, that does not mean interruptions should be a cause for inaction.
Agencies need to address supply chain visibility and security so they can get through the current crisis and make their IT supply chains more resilient and secure in the years to come.