A Growing Problem
The theft of Intellectual Property (IP) is estimated to inflict a cost that exceeds $225 billion in counterfeit goods pirated software and the theft of trade secrets, and could be as high as $600 billion annually to the U.S. economy alone. That is according to a 2017 update to The IP Commission Report.1
Co-chair of the bipartisan, independent Commission on the Theft of Intellectual Property (IP Commission) Admiral Dennis C. Blair, former Director of National Intelligence, states that “the massive theft of American IP—from companies and universities across the country, from U.S. labs to defense contractors, from banks to software companies—threatens our nation’s security as well as vitality. This report is just the latest reminder of its scale and critical importance.”
A 2016 study Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations2 highlighted a sharp increase in the loss or theft of data – and a leading cause being insider negligence – reported by IT respondents in the study. The following graph summarizes the insider concerns raised by respondents in the study amongst the top security threats facing companies.
The cost impact of data breaches varies by industry, however malicious and criminal insiders were identified as having caused the most data breaches (48%) in another study 2016 Cost of Data Breach Study: Global Analysis3 which also highlighted that investments in certain data loss prevention control and activities such as encryption and endpoint security solutions are important for preventing data breaches. This study also revealed a reduction in the cost when companies participated in threat sharing and deployed data loss prevention technologies.
One of the key challenges faced by companies today is difficulties in achieving expected operational synergies while navigating the global regulatory environment and enabling global collaboration and innovation. Companies increasingly need to collaborate in today’s markets with suppliers, partners, contractors, customers, subsidiaries and joint ventures all of which requires the sharing of sensitive company and product data.
What does this mean for Teamcenter?
Designers and manufacturers of high tech products and services use Teamcenter to capture and manage the complex designs and specifications of both their current and future products. Teamcenter provides a robust and rich infrastructure to manage the authorization and authentication of users in granting access to this data, supported by more traditional network and IT security controls, allowing companies to provide a defense in depth to protect their sensitive data and IP.
The loss of IP data – whether malicious or not – can occur when data has been downloaded from Teamcenter and stored on local hard drives, devices or local networks. These files can also be shared by authorized users via e-Mail or other file sharing technologies. An authorized internal user could also save a design specification document to a mobile device where access controls do not exist.
Product design and manufacturing typically involves collaboration across multiple organizations. Contractors, partners and suppliers – all of whom are outside of the primary organization – require access to IP sensitive data. In order to protect IP, companies can now extend Teamcenter protections to data used in external sharing use cases.
Enterprise Digital Rights Management for Teamcenter
Developments in Digital Rights Management (DRM) technologies now allows companies’ IP sensitive data to be protected when downloaded and shared outside of Teamcenter. Document-level access and usage controls (rights) are applied directly to documents and persist, no matter where they are downloaded, uploaded, shared or consumed – inside or outside of the organization. The rights must be highly detailed and configurable in order to control access and usage scenarios very precisely. The Enterprise Digital Rights Management (EDRM) for Teamcenter solution from NextLabs Inc. helps to meet this need.
In the past, solutions have come with technical limitations that rendered them both difficult to deploy and only effective for a narrow set of use cases. For instances, Rights Management products typically support only certain file types (i.e. Microsoft Office files only or Adobe files), involve cumbersome management and administration – where users are required to apply rights manually to files or build complex templates – or require installation of a client viewer application on all devices used to access the files, thus limiting the ability share and collaborate. The NextLabs’ EDRM for Teamcenter solution provides Rights Management technology in a more scalable and easy-to-implement solution to extend Teamcenter protections.
Support for All Files and Applications
The EDRM for Teamcenter solution is file and application agnostic. In addition to traditional Microsoft Office and Adobe file formats, other file formats used in design and manufacturing processes are supported. This includes files created by NX, JT visualization files, source code and more. All files are protected consistently, regardless of the file types and the applications used to access them.
Applying Protection Automatically or Manually
The solution provides the flexibility to automate the application of rights based on a business context and process. In addition, discretionary use cases allow trusted users in Teamcenter to manually apply rights to files. Metadata such as attributes of a file or document in Teamcenter, or classification can also be used to facilitate the automated process and these attributes can also be embodied within the protected file to facilitate the rights management controls. Specific user actions, such as download, upload, edit, print and copy can also be controlled from the protection applied to a file based on a company’s data security requirements.
Leveraging metadata, such as business object [IP] classifications, user and organization information in Teamcenter, in applying rights to files is possible through the Teamcenter integration offered with the EDRM for Teamcenter solution. This means that companies do not need to architect entirely new processes or tools to apply rights protection to files. Rather, it happens automatically and seamlessly within a standard user workflow and provides a seamless user experience.
Device Independent Protection
Recent years have seen an increase in the number of end points, or devices, from which users access their documents – be it mobile devices, tablets, laptop or desktops or uploading to the cloud – in their daily activities. These use cases can be both informal ad-hoc sharing as well as through formal release and review processes. The rights protection on files is persistent and enables external collaboration use cases that are increasingly common today in product design and manufacturing. The EDRM for Teamcenter solution enables and embodies this with a zero-client install available to enable global collaboration.
UPDATE to the IP Commission Report – The Commission on the Theft of American Intellectual Property – February 27, 2017,
Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations, Release 1 – Ponemon Institute LLC – August, 2016
2016 Cost of Data Breach Study: Global Analysis – Ponemon Institute LLC – June, 2016
This is the first in a series of posts where we will explore the importance and application of EDRM for Teamcenter. In the next post, we will outline some of the typical use cases where EDRM for Teamcenter helps to facilitate secure and effective collaboration whilst protecting companies IP.
About the Author
Enterprise Digital Rights Management (EDRM) is a key focus for Guy Bursell, a Teamcenter Product Manager who works on the Teamcenter platform. NextLabs Inc. are a foundation partner with Siemens PLM Software and provide their EDRM technologies to enable the extension of protection of critical customer Intellectual Property with Teamcenter when sharing data.