Ensuring CAD files are safe is incredibly important for any business operating online and that job is made even harder in the age of remote work.
The protection of intellectual property is especially crucial for those working in research and development, for designers, engineers, and others in similar professions. They’re usually handling protected and important data that needs reliable security to mitigate plagiarism or the leaking of confidential information.
It doesn’t matter if you’re a professional or a hobbyist, you have to secure your CAD files. Maintaining control over your IP is vital; if someone accesses your network, they can modify your files before they’re published, and your work is lost. Without on-site IT support, hackers are seizing the opportunity to expose the natural vulnerabilities of most people working from a home office. That means slipping past VPN protection and spam filters to leave damaging spyware, or otherwise maliciously affect your work.
Cloud-based CAD software has enabled our global remote working experiment but, in turn, exposes back doors for hackers to enter.
With so many potential ways your CAD data can be stolen, here are five security considerations to keep in mind when working remotely.
1 A secure firewall
When working from home (or anywhere really), you need a security measure that keeps track of incoming and outgoing traffic. That’s where a firewall comes in. It uses admin-defined guidelines to evaluate a connection request’s trustworthiness.
Modern firewalls can interpret connection attempts made by different applications to determine their objectives. When working with confidential or valuable CAD files, the first thing that needs bolstering is your firewall. Without one, you may be a sitting duck.
2 Effective documentation
Amassing and maintaining information – especially blueprints, submittals, operating processes, maintenance logs, and more – is made more difficult when facility managers don’t have the same level of support as they usually would. Meaning, all documentation needs to get requested from facility managers across each step of a program, generally utilizing contact center software to help ease the burden of mass collaboration.
The information needs to be provided in both a native format (usually .dwg) and a finished form. Upon receiving a CAD file, ensure it opens correctly and comes with all sub-fields included as well. If the manager in charge is not CAD-proficient, then someone else needs to be tasked with this collation. If you’re outsourcing this, then some providers may keep this information on file. However, if you own the facility and pay for the documentation development, you must insist all is handed over to you.
3 Put in the manual work
No matter the software you’re using, ensuring everything you send out is password protected is always best practice. BricsCAD allows users to set passwords, locking out unauthorized access.
You can also place files in a compressed zip file and password protect those to add another security layer.
However, if you’re sharing CAD files with a collaborator, there’s no guarantee they’ll follow the same security protocols. Consider converting files to PDFs that are easily password protected and ensure only the users you authorize get access. Unlike some other vector formats, PDFs can consist of vector and raster elements, making them accessible and easy to protect along the lifecycle.
Lastly, if worse comes to worst and your PC comes under attack from some malware, you’re putting everything at risk. You’d think it would come as second nature by now, but some people still need to get told to back everything up! Whether that’s on a cloud platform or external memory storage. Every version of a file needs replication somewhere that’s not your PC.
4 Sending ‘read only’ files
Your data is most at risk when being transferred; that’s when it’s most readily targeted. When leaving your inbox for another, that’s where an interception happens and then you’re exposed.
In the vast majority of cases, you need to share CAD files with colleagues or clients during the design process. And, while firewalls and VPNs do their best to protect you at home, you can never wholly trust someone else’s connections or protections!
To negate this risk, ensure that during the build process, you only share read-only files. This removes the ability of anyone intercepting a file to copy or modify it in any way. ‘Read-only’ means just that; the data can be opened and viewed, but not touched. Alternatively, you can convert it to a PDF, as we mentioned above. Adding a watermark to anything unfinished is also a good measure, just as long as it doesn’t obstruct or overshadow the work. Alternatively, use the ‘share screen online‘ function on your collaboration tool to share work over a video conference without needing to send it over at all.
5 Using nondisclosure agreements
Also known as confidentiality agreements, NDA’s are legal contracts binding the signer to strict confidentiality. It means both parties involved in the sharing of information must keep it secret. NDAs should be introduced when sharing confidential data (CAD files or not). That means when using a service from a company when said company has access to your data, and when passing info or CAD files between employers and employees. Most NDAs require a signature, but some can be agreed to virtually over a secure video conference.
When working alongside other companies, you’re always running the risk of a data leak. Since the very nature of collaborations means to share, all parties must be legally covered. An NDA is such a way to protect data and also punish those who share it without permission.
However, being out of the office also means you’re more vulnerable to malware and online attacks. While you’re using a VPN, a firewall and antivirus software, all these things can be countered with some sneaky spyware. Alternatively, once your data leaves your machine, you’re trusting someone else’s security to guard your work. And, that’s not always ideal.
CAD files are large and often data-rich, so they’re targeted. They need to be monitored every step of the way to ensure your intellectual property remains yours. By following the five steps outlined above and applying some good old fashioned common sense, you should be able to mitigate the very real risks.