The recent survey into Attitudes to Cloud Based Simulation run by SIMUSERV, in partnership with The Engineer, highlighted that the security of data on the Cloud is a prime concern for the majority of Engineers.
85% of Engineers expressed some concern regarding Cloud Security
When Engineers are considering using the Cloud for Simulation they are right to be concerned about security. Simulation data is rich in intellectual property containing not only the design definition but also how the design behaves in service. Protecting this kind of information is core to any innovative company.
Over the last thirty years or so, companies have grown familiar with running simulations using their own hardware at their own premises, on dedicated High Performance Hardware and, more recently, the users own machines. This has worked well, but given the specialist nature of simulation, this work still often lies outside of the main PLM system and data management tools. This means that, despite its value, simulation data is often less protected than product definition data.
So the question needs to be asked - how secure is on-premise simulation data? The value of this data is constantly increasing with increased simulation model size and fidelity meaning that simulation models are converging with real world behaviour and making them more valuable to both product development teams and competitors.
So the fact that simulation data needs protecting is clear, the question is how best to do this.
Cybersecurity requirements are growing in complexity in proportion to threats and arguably only the largest companies can invest sufficiently to meet the challenge. Data breaches and ransomware attacks are becoming more common. Thus whilst concern about the Cloud is understandable, in many cases, the same concerns should be raised regarding on-premise data and whether data is actually far safer on the cloud.
It’s a long time since companies had security measures on-site to store large quantities of cash, instead transferring the responsibility to cash security experts, the banks. Perhaps it time the same transition was made with data.
The truth is that the scale of and investments made by the cloud infrastructure providers are vital to provide the required level of data security. Key areas of IT security and robustness addressed are:
Multi-Layered Security
Cloud service providers invest heavily in state-of-the-art security protocols maintained to international standards. These utilise encryption, firewalls, and advanced access controls. Data is guarded by layers of security that work together seamlessly to keep unwanted intruders at bay. In the cloud, data is encrypted at rest and in transit. On-premise solutions may struggle to match this comprehensive and dynamic nature of cloud security.
Dynamic Scaling and Redundancy
Cloud platforms automatically distribute and replicate data across multiple servers, creating redundancy that acts as a failsafe against unforeseen disasters or server malfunctions. This redundant architecture ensures data availability and integrity, giving engineers peace of mind.
People
Cloud providers employ dedicated security teams that continuously monitor for anomalies, potential vulnerabilities, and emerging threats. Regular updates and patches are deployed promptly, maintaining the robustness of the security infrastructure. Heavy investment is made in the education of all employees in security awareness and processes.
Access Control
Controlling who gets access to data is as essential as having strong security measures in place. Cloud platforms offer robust access control features, allowing organisations to specify who can view, edit, or share data. On-premise solutions might offer similar features, but the ease and flexibility of cloud-based access control make it a more attractive option for safeguarding sensitive information.
Disaster recovery
In the event of a catastrophe, up to and including the loss of an entire data centre, cloud platforms offer efficient and rapid recovery mechanisms, minimising downtime and data loss. Engineers can rest assured knowing that their data is backed up, replicated, and ready to be swiftly restored.
Cloud service providers work to international standards, such as ISO 27001 which contain a wide range of controls covering all aspects of Information Security. It is interesting to note just how wide ranging these controls are with just 54% being IT-related. This highlights just how complex the cybersecurity domain has become.
ISO 27001 - Information Security Standard – Controls
The 3DEXPERIENCE Cloud
In the world of Product Development, Dassault Systèmes provides a unique Cloud solution which, unusually in the market, delivers all of the three key components. These are Software as a Service (SaaS), Platform as a Service (PasS), and Infrastructure as a Service (IaaS). This is known as the 3DEXPERIENCE Cloud and allows a consistent and holistic approach to provide the most secure and robust environment. Each layer is meticulously secured, incorporating authentication, role-based access control, encryption, monitoring, auditing, and vulnerability management.
The 3DEXPERIENCE Cloud provides the Simulation Tools used by the Engineers, a Flexible High Performance Compute resource to run the simulations and robust and secure Simulation Process and Data management.
Whilst Engineers may be cautious about the Cloud and data security currently, it seems likely that the Cloud will be increasingly be viewed as a safe haven for data in the future.
To find out more about Cloud Data Security and how this is implemented in the 3DEXPERIENCE Cloud please download our Cloud Security and Privacy Whitepaper here.
Plasma technique converts landfill methane to jet fuel
Trevor; there are still many landfill sites in the UK where the methane is not captured but not only that, where there is protein waste in them, they...