CAD Data: A Pandora's Box of Intellectual Property Risks

Protecting Whilst Leveraging Your IP Beyond Engineering in a Decentralized World

In the manufacturing industry, intellectual property (IP) in the form of CAD data is the lifeblood of innovation and competitive advantage. Sharing CAD files and derivative data, such as polygonal meshes, essential for design and production, exposes companies to significant risks. The traditional methods of handling and sharing this data—often moved to and from cloud or network storage and end-user devices—pose a grave threat to IP security. This issue is a "pandora’s box" that demands our urgent attention.

There and Back Again—My Journey Through Two Industries Where Information Security Truly Matters

I began my career in the early 1990s at Engineering Animation Inc. (EAI) in Ames, Iowa, where I led the development of VisMockup and served as Chief Software Architect. We created the first commercially viable 3D manufacturing visualization software, significantly reducing product design cycle times. The JT file format, which I helped develop, has become the industry standard for CAD data exchange and visualization, now part of Siemens Teamcenter.

In 2008, I co-founded Workiva (NYSE: WK), where I led product development, sales, and served as Chief Compliance Officer. At Workiva, I saw the devastating impact of accidental data disclosures firsthand. One instance involved a company mistakenly sending its pre-release 10-Q report to an external contact list, exposing sensitive financial data and jeopardizing the company's stock price. Recognizing the need for a more secure solution, this customer turned to Workiva. We eliminated traditional files and securely stored granular financial data in the cloud, streaming it directly to end-user devices where only our software could decode it.

My experience at EAI underscored the importance of securing CAD data to protect IP. At Workiva, I gained expertise in cloud development and information security. After two successful IPOs, I founded Vertex Software to solve the critical issue of IP protection in manufacturing while extending the reach of CAD data.

The Challenge of Sharing CAD Data

Manufacturers rely heavily on file-based CAD data to design and produce their products. These data files contain intricate details and proprietary information that define the function and uniqueness of a manufacturer’s product. Traditionally, these files are shared via product lifecycle management (PLM) software or cloud-based storage solutions. However, once these files or derivative data are delivered to end-user devices, they become vulnerable to unauthorized access, cyberattacks, and accidental leaks.

Risks of Storing CAD Data on End-user Devices

Storing CAD data on end-user computing devices multiplies the risk. Devices such as laptops, desktops, and even mobile phones are common targets for cybercriminals. Physical theft, malware, and unsecured networks can easily compromise these devices.

• Unauthorized Access: Weak passwords, unencrypted storage, and shared devices can allow unauthorized individuals to access sensitive CAD data. This risk is amplified in large organizations where tracking the use of every device is nearly impossible.

• Data Breaches and Cyberattacks: Cybercriminals target end-user devices to steal sensitive information. Once compromised, CAD data can be altered, stolen, or destroyed, leading to substantial financial and reputational damage.

• Accidental Data Leaks: Users may inadvertently share CAD data with unintended recipients or through unsecured channels. A single mistake, such as an email sent to the wrong address, can result in critical IP falling into the wrong hands.

Traditional Web-based 3D Software is a Stealthy Threat

Web-based 3D software, while offering convenience and accessibility, poses a stealthy threat to IP security for manufacturers due to the inherent vulnerabilities of browser-based caching and the handling of polygonal meshes. These applications typically store local copies of 3D geometry on end-user devices for rendering purposes, making the data susceptible to unauthorized access and theft. 3D plug-ins or features like WebGL that use browser caches can inadvertently expose sensitive information, allowing cybercriminals to exploit these weak points. This local data storage not only increases the risk of accidental data leaks but also compromises the integrity of proprietary designs. The reliance on local model data in web-based CAD tools thus represents a significant and often overlooked security risk, necessitating more secure approaches.

The Solution: Stream Pixels, Not Files

When founding Vertex Software, I recognized these challenges, and our team developed an unparalleled solution that mitigates the risks associated with traditional file-sharing and device-resident 3D data. Our cloud-based 3D visualization technology eliminates CAD file-sharing and streams context-aware pixels instead. Benefits of our approach:

• Zero-Install: No software installation is needed, ensuring easy global access and scalability while maintaining high-quality visualization without the vulnerability concerns you have with browser plug-ins and extensions.

• No Files: By streaming pixels instead of CAD data, your IP remains secure and protected from accidental disclosure. Vertex provides essential context from CAD, PLM, BIM, MES, and ERP systems without exposing sensitive data.

• Flexible Deployment: Vertex offers both public and private hosted deployment options, allowing organizations to choose the best solution for their needs. This flexibility helps mitigate IP vulnerability by ensuring CAD data is managed in a secure environment tailored to the specific security requirements of the organization.

Real-world Challenges and Solutions

Aerospace and Defense: Protecting Sensitive Data

Consider the case of an aerospace and defense manufacturer, where data security is paramount. When I met with their CTO, he shared that to travel abroad, they needed to check out a separate laptop devoid of sensitive information. This cumbersome process highlights the critical need for secure data management. With Vertex's streaming solution, the CTO would not need to transfer files between devices, thereby eliminating the risk of data breaches during travel. Furthermore, they could participate in collaborative reviews overseas without CAD data on their laptop.

Addressing Browser-based Vulnerabilities

In another instance, I recently met with a defense contractor that restricted access to CAD data by prohibiting the storage of polygonal meshes on end-user devices. Polygons, which approximate the surfaces of CAD parts, are essential for 3D visualization but pose a risk if stolen. Traditional visualization tools that require this data to be local, including browser-based features like WebGL, limit collaboration capabilities and increase security risks. Vertex’s streaming technology solves this risk by keeping data remote while still enabling full functionality. This approach prevents unauthorized access and theft by eliminating the need for local data storage.

Three Things You Can Do Today

1. Adopt Secure, Cloud-based Storage and Streaming Solutions: Use technologies like Vertex Software that stream context-aware pixels instead of sharing CAD files, eliminating the risk of local data storage.

2. Implement Robust Access Controls, Policies, and Workflows: Employ a Zero Trust security framework with strong passwords, encryption, and multi-factor authentication methods to ensure that only authorized personnel have access to CAD data. Establish an “IP Council” within your organization responsible for IP security that includes senior members of your product, IT, and legal teams.

3. Educate and Train Employees: Regularly train your team on the risks associated with storing and sharing CAD data on end-user devices and best practices for maintaining IP security. Ensure they clearly understand the policies and procedures designed to protect your company’s valuable information.

Conclusion: Balance Productivity and IP Protection

Manufacturers face the dual challenge of protecting IP while maintaining productivity. Traditional methods force trade-offs, as tighter security often hampers efficient collaboration. However, Vertex eliminates these trade-offs. By streaming pixels instead of CAD data, we provide high-quality visuals and metadata necessary for collaboration without exposing sensitive data.

The security of intellectual property is paramount in the manufacturing industry. Traditional file-sharing methods and storing CAD data on end-user devices expose this IP to significant risks. At Vertex Software, we address this challenge with our cloud-based 3D visualization technology, ensuring your valuable CAD data remains secure while enabling seamless collaboration and productivity.

Let's take proactive steps to secure our digital future. Visit us at www.vertex3d.com to learn more about how we can help protect your IP and drive innovation in your organization.