Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Securely Exchange CATIA Data Outside Your Enterprise

200 views

Published on

Paul Downing, PRESIDENT and CEO orf PROSTEP INC presents at COE 2017 - How to Securely Exchange CATIA Data Outside Your Enterprise



Published in: Technology
  • Be the first to comment

  • Be the first to like this

Securely Exchange CATIA Data Outside Your Enterprise

  1. 1. Securely Exchange CATIA Data Outside Your Enterprise Paul W. Downing PROSTEP Inc. Session DEM 5101
  2. 2. How to Securely Exchange CATIA Data Outside Your Enterprise • Take Away Topics » How your organization is leaking information. » Why information leakage is so hard to control. » Which free or paid options are available to help mitigate this problem.
  3. 3. Is IP Protection your concern? Should it be?
  4. 4. Is IP Theft really a problem?
  5. 5. Not Just “basement hackers”
  6. 6. Others … HIPAA
  7. 7. ITAR / Export Control Increased Fines
  8. 8. ITAR Violation Settled Between 2010 and 2016 Company Name Number of Violations Final Amount Paid Year Marc Turi and Turi Defense Group, Inc. 2 $200,000 2016 Microwave Engineering Corporation 1 $100,000 2016 Intersil Corporation 339 $10,000,000 2014 Esterline Technologies Corporation 282 $20,000,000 2014 Meggitt-USA, Inc. 67 $25,000,000 2013 Aeroflex, Inc. 158 $8,000,000 2013 Raytheon Company 125 $8,000,000 2013 United Technologies Corporation 576 $55,000,000 2012 Alpine Aerospace 9 $50,000 2012 BAE Systems plc 2591 $79,000,000 2011 Xe Services LLC 288 $42,000,000 2010 AAR International, Inc. 13 $0 2010 Interturbine Aviation Logistics GmbH 7 $1,000,000 2010 Total 4458 $248,350,000.00 Average fine per violation $55,708.84 source:http://pmddtc.state.gov/compliance/poa.html
  9. 9. It’s OK you only send data securely! Right ?
  10. 10. Audience Survey
  11. 11. Typical Concerns
  12. 12. Data Exchange vs. IP Protection
  13. 13. How old are your protocols? • Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. SMTP was first defined by RFC 821 in 1982 and grew out of standards developed during the 1970s. • File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server typically with clear text authentication and published as RFC 114 in 1971. Paraphrased from <http://en.wikipedia.org/wiki/FTP>
  14. 14. Why do we keep doing it? CONVENIENCE! “increasing convenience almost always reduces security” …. but does it really have to be that way?
  15. 15. Convenient and Secure? • Secure exchange needs to start as close possible to the end users daily working environment » Desktop Integration » Email Integration » PLM Integration » Purchasing / Bid Systems • If users have to leave their default working environment to send secure information, they are less likely to use the approved solution.
  16. 16. Ease of Deployment vs. Adoption April 2016 BASE MODUL OPTIONS OS Integration Windows "Send to" Web Browser PDM / CAD Integrations Mobile Apps Automated Services Email Integration Alternate Formats (3DPDF, JT,….)
  17. 17. Standalone “Simple” Portal Solution Supplier / ConsumerOEM / Sponsor Standalone Portal Solutions  Quick / Easy to Deploy  Simple Administration  Affordable (sometimes free)  Good Basic Security (outside of email)  Often Hosted outside of company * Not Integrated (“Swivel Chair” Solution) – Less Convenient (must be logged in and online) – Can be hard to customize (if at all) – *Monthly Fees for users / volume add up quickly –
  18. 18. “Advanced” Portal Concepts Automated Processes  Upload and download with Agent, installed at the user's desktop Agent Location 2 Database FileVault Server CAD Converter Gateway KeyStore Server Location  Main OEM Server Location  Authentication  Encrypted data storage  PKI-Management  User right definitions  Processing control  Logging  E-Mail notification  Data routing  Data conversion, … Gateway Location 3  Batch Mode  Data are temporary stored quickly in local network drive  Transfer of data to run completely in a batch mode Gateway FileVault CAD Converter Location 4 Advanced Functionality  Encryption  Local File Vaults  Local conversion of data WAN / Internet  Manual Processes  User sign on over WEB-Browser and up- or download data manually, interactively Location 1 WAN / Internet Robot Partner Internet  System to System  Automated / Integrated  Remote Data Vaults  Supplier signs in over WEB-Browser  Data is uploaded from a data vault close to the end user Supplier Internet Advanced Portal Solutions  Deeply integrated into systems and processes  Fully automated and work behind the scenes  Installed in the enterprise or the cloud  Centralized or Distributed  Designed for customization Upfront Infrastructure Costs – Upfront Planning Requirement – Administrative Overhead –
  19. 19. Demo: Email Secure DX • Email (Outlook) Secure DX Integration Demo (1 min.) » Internal User Initiates an email in Outlook and attached a large file » Data is sent via Secure DX Server (not the exchange server) » External user is sent a link to a download portal. » External user downloads file via web portal Email Integration • BENEFITS OF EMAIL BASED SECURE DX » END USER DOES NOT CHANGE ANY PRACTICES » ZERO TRAINING REQUIRED » POLICIES ARE 100% ENFORCED » Audit Logs are kept separate from Clients and Mail Servers » Data is always encrypted before transport outside of enterprise » No data Load on Mail Server
  20. 20. Demo: Desktop Integration • Windows Desktop DX Integration Demo (1 min.) » User registers accessible workspace in Windows Explorer » Drag and Drop or Copy / Paste files into workspace folder » Files are securely sent to workspace » New Files Are Received as well OS Integration • BENEFITS of DESKTOP INTEGRATION » Works like a network shared drive » Data is always encrypted before transport » Securely share files with a team without an external client
  21. 21. Demo: Windows “Send-To” • Windows “Send-To” Demo (30 seconds) » User Right Clicks on a File » “Send-To” Secure Portal User • BENEFITS of “Send-To” INTEGRATION » Familiar process for many users » Data is always encrypted before transport » No Extra Apps to Log into (No “Swivel Chair”) Windows "Send to"
  22. 22. Scaling up Complexity with back end systems integration and automation • Dealing with Engineering Data (of course) plus » ERP Data » MRP Data » Bids » Financials » More • Centralized Reporting on all confidential Information
  23. 23. Integrated Solutions Requirements ERP PLM Other ………... Purchasing
  24. 24. Demo: Sending from Enovia • Sending from Enovia Demo (1.5 min.) » User Selects Files to Send from Enovia Client » Selected is passed to back end server for export and checking » User Selects recipient » User approves transfer • BENEFITS of Sending from Enovia » Familiar process for engineers » Work is done on the export server not the client » No Extra Apps to Log into (No “Swivel Chair”) PDM / CAD Integrations
  25. 25. Demo: Neutral and Lightweight files • Creating a 3DPDF from Enovia Demo (1.5 min.) » User Selects assembly from Enovia Client » Selected is passed to back end server for conversion » 3DPDF files is checked back into Enovia • BENEFITS of integration into Enovia » Familiar process for engineers » Work is done on the export server not the client » Can be part of existing workflow and release process Alternate Formats (3DPDF, JT,….)
  26. 26. CASE STUDY: Nordam
  27. 27. CASE STUDY: Nordam
  28. 28. CASE STUDY: Nordam
  29. 29. CASE STUDY: Nordam
  30. 30. CASE STUDY: Nordam
  31. 31. CASE STUDY: Nordam
  32. 32. CASE STUDY: Nordam
  33. 33. CASE STUDY: Nordam
  34. 34. CASE STUDY: Nordam
  35. 35. CASE STUDY: Nordam
  36. 36. DX Requirements 36 Integration Back-end system integration Communication Status notifications for high transparency Data transfer High volume, robust, high performance Security Adjustable security levels Automation Robots and Gateways for transfer automation Flexibility Versatile user interfaces & flexible software Documentation Documentation for users & administrators Processing Process engine for data processing Reports Research, KPI‘s, automated reports Scalability Flexible software & license model
  37. 37. • DRM Protected Documents » Limit Access to named users » Revoke Rights in the field » Force Updates to Latest Document Versions » Authentic via PKI, AD, LDAP, RSA, Others • Limit Document Features » Read Only » Save » Print » Copy » Measure » Cross Sections » Etc • Traceability Logs by Document DRM Requirements
  38. 38. Final Advice From the Field • Start Today • Use Free Trials to get a feeling for what does and does not work for your enterprise • Look for a mix of Hosted or Self Installed Options • Look for technology that integrates not only front end applications (Outlook, Desktop, Mobile) but back end applications like PLM, ERP, Etc • Low Hanging Fruit to go after for DX Security » Outlook » Desktop » Web Based • Don’t forget about protecting your data once it leaves your enterprise. Getting it there is only part of the equation. » Strip unneeded IP » Consider DRM solutions for when your data is in the wild. » Too much DRM is counter productive !
  39. 39. Shareholders Over 23 years experience with engineering interoperability, migration, intelligent documents, benchmarking, more Approximately 250 employees and consultants based from international locations throughout Europe and in North America More than 500 Customers that are leading companies across most industries A vendor neutral / independent engineering services and software company since 1993 infocenter@prostep.com / 8-PROSTEP01 300 Park St – Suite 410 – Birmingham MI 48009 Reseller
  40. 40. Our CustomersCar Manufacturers Automotive Suppliers • Electrical / Electronic 40
  41. 41. Our CustomersAerospace Industry Shipbuilding & Marine Engineering Mechanical Engineering, Plant Construction and Rail Vehicles • Other sectors • 41
  42. 42. Questions:

×