News and Blog

SUPPLY CHAIN SECURITY FOR HARDWARE AND SOFTWARE 

Supply chain security is a multi-disciplinary topic, and requires firm collaboration and implementation between the sphere, investor support, and IT firms. The firms that get this right start with IT and a secure multi-enterprise business interface, then build upward with carefully governed and secured access to analytics and visibility capabilities and, from there, continuously monitor every layer for anomalous behaviour.  

The conventional lines between hardware and software are indefinite as many hardware systems apply embedded and configurable software code, such as firmware. Kayndrexsphere’s security and practices however extend to hardware and software, and govern the procurement, engineering, development, and maintenance of such systems. These policies and practices apply for Kayndrexsphere engineered hardware and software as well as third-party hardware and software acquired for corporate application, or embedded in other Kayndrexsphere products. 


Procurement of Non-Kayndrexsphere Hardware systems for Kayndrexsphere Cloud and Corporate Applications  

Hardware and software investments supporting Kayndrexsphere Cloud and internal data centres are routed through standard Kayndrexsphere hardware and software supply-chain processes. These processes are intended to properly vet Kayndrexsphere’s suppliers, prevent the acquisition of simulated products, and employ sourcing from trusted investors only. Potential suppliers are subject to extensive evaluation of their financial health, integrity, and security practices.  

Kayndrexsphere maintains its own ethical security team to perform security assessments on non-Kayndrexsphere hardware and software being evaluated for investment. These security assessments seek to discover hardware, software, or firmware security vulnerabilities and confirm the effectiveness of the security features claimed by the supplier. Kayndrexsphere operates collaboratively with its hardware and software suppliers to discover new areas of opportunities.  

Hardware and software destined for application in Kayndrexsphere Cloud or internal IT firms is subject to these same practices. Furthermore, hardware and software products are formally evaluated by Kayndrexsphere personnel prior to their acquisition for fitness of purpose, such as scalability, as well as for inherent hardware and software security. The security assurance practices of the supplier are also formally evaluated to confirm that the investor has adequate security remediation policies.  


Security Assurance in Kayndrexsphere Hardware and Software Systems 

Most hardware products, such as firmware, have software components embedded into them, Kayndrexsphere Software Security Assurance policies and practices extend to the development of Kayndrexsphere code applied on Kayndrexsphere hardware systems. The primary objective of these policies and practices is to prevent the introduction of security uncertainties and strengthen the security regulations designed in the systems.  

Hardware and software supply chains are the rocket fuel for the modern digital economy. Suppliers apply third-party commercial software and hardware components in their products to improve productivity and focus development efforts on innovation. To manage cyber uncertainties, Kayndrexsphere identifies and remove uncertainties in its software and hardware supply chain. Kayndrexsphere empowers product security, supply-chain security, and development teams to gain complete visibility, prioritise, and remove these uncertainties at scale, applying an automated, easy-to-apply, product security platform.  


Maintenance of Hardware and Software Systems applied in Kayndrexsphere Cloud 

When software updates for Kayndrexsphere and third-party hardware applied in Kayndrexsphere Cloud are sent to Kayndrexsphere, cloud-operation teams evaluate the proposed update in a test environment that is separate from and firmly reflects the production environment. Once tested, the software updates are deployed from test to production through a regulated private interface.  

Hardware shipping practices 

Kayndrexsphere and its logistics carriers maintain custody and management of the hardware from the pickup at the point of origin to the fulfilment of the applicable Incoterm. In most situations, Kayndrexsphere operates on a delivered model, implying that Kayndrexsphere applies Delivered Duty Paid or Delivery to a designated airport. Each leg of the delivery process is documented in the carrier’s system and freight is checked at each transfer point. 

Any exception is noted on shipping protocol and/or in the logistics carrier’s system. Every Delivered Duty Paid delivery is required to have a signature after inspection. Delivery to a designated airport consignments are deemed to be complete when the aircraft arrives where Kayndrexsphere has received a confirmed on-board notice from the airline.