Is safe collaboration the key to combating CAD cybercrime?
Cybercrime and cybersecurity challenges have escalated during the Covid-19 crisis, particularly in the manufacturing and design industry.
The pandemic has also led to an increase in remote working style creating a wide attack surface. With no time to implement safety security measures to prevent breaches and attacks, no organization is entirely immune or safe.
Another cause of concern for the manufacturing and design industry is the upsurge in external partners and suppliers. CAD designs, simulation data, and other related documents have to be shared more frequently for efficient product development.
Popular ways in which organizations collaborate
From an early design stage to the project commissioning stage and beyond, various stakeholders have to collaborate. The most popular ways in which organizations collaborate today are:
- Email for sending CAD files or screenshots of model states
- FTP site or using a storage device like Dropbox to share either the native CAD file or exported file formats
- Screen sharing
- Network file share access control
- Mobile Device Management
- Product Data Management systems
- Enterprise and Cloud-based content management
- Digital Rights Management systems
All these collaboration tools are used for both internal and external collaboration either between fellow CAD designers and engineers within an organization or with non-CAD users outside the organization.
International teams must collaborate across different regions and time zones and must always keep in mind the security risks that come with such communication.
Thus, the pandemic and global remote working force have brought in the need for an effective and safe collaboration and communication process when working with CAD files, from conception to final delivery.
Common steps to reduce CAD file data leakage:
Given below are some of the steps commonly adopted by organizations to reduce CAD file data leakage:
- Understand and map your sensitive data – Based on the information type it is important to classify data and ensure that your sensitive data is appropriately stored. This will require identifying various sources, categorizing data, and the users, tasks, and business usage. Ensure that sensitive files do not reside along with the everyday usage file open for anyone to access.
- Limit the number of users and do an analysis of file sharing exposure and risks – This will involve assessing how the sensitive files are currently stored in the system, and who has access to it. Ensure that those who have access are the ones intended to have access to the file through proper check and they can access the file only within the stipulated period.
- Implement strict data protection policies – Continuously audit your users. Take a look at the current data protection policies, ensure that it is foolproof, check for leaks and examine the probability of exposure during group sharing. This should give you enough room to decide what additional file protection mechanisms and controls are needed.
- Make information and data security a priority – One of the biggest causes for data is employees failing to understand how to handle sensitive data leading to potential data leaks knowingly or unknowingly. Ensure you have an adequate method of tracking and reporting policy adherence, control implementations, etc.
- Identify where security control technical solutions can be applied – Take a gap analysis to find out where technical controls can be applied. As these CAD designs and solutions are shared with partners, vendors outside the organization perimeter, solutions that only offer protection within a secured network alone will not suffice. A solution that adequately protects the data even if it is downloaded in another environment would be an ideal solution.
How HALOCAD protects CAD data outside an organization’s perimeter
HALOCAD, the data security solution from SECUDE is the only solution to apply Microsoft Information Protection (MIP) for securing priceless CAD files throughout their lifecycle even beyond the organization’s boundaries.
It silently and automatically applies MIP when working with CAD files outside the content management systems and allows CAD application users to seamlessly open MIP-protected files and enforce user privileges as per policy.
Image: HALOCAD Architecture
It is tightly integrated with MIP and supports all implementation scenarios of Azure Information Protection (AIP) and Rights Management Systems (RMS).
In SAP PLM environments, HALOCAD works as an extension to HALOCORE protection by enabling CAD applications to automatically decrypt and use MIP encrypted files which have been checked out of the SAP Content Management System (CMS).
Besides, HALOCAD enables CAD applications to use MIP directly when SAP is not the CMS in the background. In this case, HALOCAD enables encryption of CAD files including MIP label handling and privilege enforcement.
At the time of file creation, the user’s valid credentials will invoke MIP labels. CAD users will not notice any difference in the handling of MIP-protected CAD files.
For companies who want to allow their CAD files to be read by users outside their organization, without the risk of losing IP, the free of charge HALOCAD Reader plug-in provides read-only access to MIP- protected CAD files.
- How Siemens’ Teamcenter AIP DRM protects your sensitive CAD & PLM data beyond organizational boundaries
- Do you need to protect your sensitive CAD files when collaborating with third-party vendors?
- How to Protect your AutoCAD and Autodesk Inventor Drawings from Cyberthreats
- How to Secure your Design IP in your PLM environment
Comments are closed.