Is the Cloud a Safe Place For My Data?

One of the first questions people ask about cloud applications like GrabCAD Workbench is, “is it safe?” Spoiler alert: we think the answer is yes. But why we say that may surprise you.


Security is About Choices

The real question isn’t “is the cloud safe” but “is the cloud safer than what I’m doing today?” If you store all your CAD files on a hard drive in a safe, you work alone, and you never share CAD files with anyone for any reason, then the cloud is probably not as safe as your current solution. For everyone else, the cloud is probably a safer alternative.

You’re Making Security Decisions Now, Even if You Don’t Know it

Let’s look at some of the security risks the way that a typical mid-sized manufacturing company handles CAD data:

  • Loss - Files are stored in a variety of places, including on users’ individual computers, often with no backup system. If you lose a design to hard drive failure or simply because you can’t find it, it’s still gone.
  • Damage - Many people have access to CAD data with no record of who does what. If a disgruntled employee messes with or destroys a design, you may not know until it’s too late.
  • Theft - How do you share files with manufacturers and partners? Say it out loud - “email.” When you send an email, that data can be anywhere on the planet in seconds. Think about it - would you email your credit card information and social security number to someone - even someone you trusted? I hope not. And you shouldn’t send confidential information that way either.
  • Error - Maybe you said “Dropbox” to the question above, in which case you have another risk - human error. Do you understand the Dropbox security model, and are you confident you’ve set permissions correctly? Or do you use one folder for lots of things, maybe the “Public” folder? What about the other employees at your company - are they all doing it correctly? Free file sharing services are great but they come with a whole new set of security risks.
  • Hacking - Is your network secure? Are you sure that your admin has patched and updated every router, every database, every machine? Is every endpoint protected? Really?

We Think About Security a Lot

GrabCAD takes security seriously, and we’ve put in place a variety of measures to ensure your data is safe.

  • Encryption - All data you send to GrabCAD Workbench is encrypted using AES 256-bit encryption, just like how your banking data is sent to your bank.
  • Secure data centers - GrabCAD stores all data using Amazon Web Services (AWS). With AWS, the data is stored redundantly across multiple devices across multiple environmentally controlled facilities. AWS infrastructure and controls are subject to annual SAS-70 Type II audits and AWS information security management processes and controls have achieved ISO 27001 and PCI DSS Level 1 certification.
  • Network security - GrabCAD ensures that our network and application are secure by constant maintenance and regular penetration testing by third parties.
  • Internal controls - GrabCAD grants access to stored data internally using the principle of least privilege through appropriate roles and only on a “need to know” basis. We manage our systems according to security industry best practices including the ISO 27000 series and NIST Security Publications.

Trust the Cloud with Your Data

Actually, you probably already do trust the cloud with your data - many companies already store financial data in applications like Quicken, sales and customer data in Salesforce.com, and manufacturing information in PLM systems like Arena. Now it’s time to apply the same security approach to your CAD data.

Let Us Know What You Think

Do you or someone in your organization have questions about cloud security that we haven’t addressed here? Leave us a comment and we’ll try to answer it.

 



  • Compliance in the cloud, as I like to call it, is creating immense challenges for everyone involved. Whether it’s PCI DSS, HIPAA or the compliance frameworks themselves (FedRAMP, CJIS, CSA), putting in place the necessary controls, policies, procedures, and processes is becoming incredibly expensive and time-consuming. As a security specialist for years, the best advice I can give (which I was given years ago) is to obtain some very good cloud-based provisioning and hardening documents, for both the cloud platform itself and the underlying systems (operating systems and applications) running on the cloud. From UNIX to MS Windows Server and Apache, there are numerous admin guides available, and also for the cloud-specific platforms. But yes, your data “CAN” be safe, provided you take the right steps.

  • ddearborn

    Hmmm

    Sadly cloud security is a lot like security for the President. If someone wants it bad enough they will find a way to get it. Cloud’s biggest weakness is also its biggest asset - access; anywhere, any time, any way. That creates an awful lot of opportunities to compromise the system. The bigger the company, the better the odds of failure. You can whitewash it all you want as this author tries to do, but the fact is that hacks of the most secure servers on the planet happen all the time. And that is of course assuming that your data isn’t destroyed/altered by technical glitches, bugs, viruses, and just plain old-fashioned incompetence. And you are wide open to having your data stolen or compromised right out from under you by someone on the inside of THEIR organization. Then there is the ever-present possibility of bankruptcy, hostile takeovers or litigation. All of which has the potential to tie up your “cloud” for a very long time. And what about a company having invested everything to convert to the cloud suddenly waking up one day to their vendor announcing that they just instituted a 500% price increase effective immediately. A big problem with what is rapidly becoming pay as you go. And if your payment is late, they can just sit on everything. One can argue that a fair amount of that exists with the current conventional vendor relationships. But the difference is in who actually exerts the most control over the outcomes. And in the final analysis, each individual company has a far greater vested interest in protecting its own assets than the vendor ever will.

    Placing your software and data in the clouds isn’t a simple act of faith, it is a giant leap. There is far more to consider here than just the technological aspects of such a monumental shift. I keep thinking about those lemmings jumping off the cliff into the sea. Or as David Hannum in 1869 said so eloquently; “there is a sucker born every minute.” No it wasn’t P.T. Barnum. Just my 2 cents.