Trust no one

Trust no one. It was one of the most overused phrases of the last decade but seems to have been forgotten since the end of the X-Files on television. But maybe it’s time we resurrected it, because the threat to engineers is out there and it wouldn’t take any special agents to discover the truth of the situation.

Intellectual property assets have steadily gained importance in corporate boardrooms around the world. For the engineering community more than others the pace of new product development and scientific advances has meant that intellectual property is what gives competitive advantage — and therefore what brings in the business.

But is protecting IP through patents and copyrights or as a trade secret really enough? A recent industry round-table, made up of representatives from the Institute of Directors, Reuters News Agency, BT, Bloor Research and Adobe, brought home to me the fact that we need to act on some of these issues sooner rather than later.

Approximately 80 per cent of all company information is stored electronically, yet the most valuable and sensitive data is most often left unguarded. For engineers that comes from the intellectual property of new product designs, CAD drawings, plans and pictures.

Despite massive investments in product lifecycle management (PLM) and product data management (PDM), protection of intellectual property remains as much a challenge as it ever was. While documents are held within the confines of the repository, clearly design data remains secure.

However, we have an ever increasing number of business partners and suppliers involved in our projects who do not have permission to access the system. An aircraft manufacturer may typically have over 1,500 suppliers worldwide and collaboration between parties is key to the success of a project, but it would take only one weak link in that chain of suppliers to lead to a compromise in the integrity of the overall design.

In addition, the workforce is becoming increasingly mobile, and this year has seen purchases of laptops overtake those of desktops.

So manufacturers need security at a document level to address the challenge. IP protection through law is pretty weak and can be circumvented. It is in the nature of competition that companies try to copy successful products without infringing IP, but we are starting to see something dubbed ‘enterprise phishing’ which would make copying these product designs much easier.

Unlike consumer phishing, whereby fraudsters obtain the bank details of unwitting victims, in enterprise phishing people are asked to provide details such as passwords or to send certain documents. Hackers are going into organisations and looking for documents that can be sold on to competitors or with which they can hold a company to ransom on the promise of not selling on the details.

This is happening primarily in the US but of EC countries the UK is the most often hit. We need to guard information that belongs to our organisations by applying security measures that enable us to protect our core assets and the associated value of those assets. The truth is out there — you just need to ask ‘Do I trust the security of my IP?’

Mark Wheeler is European group marketing manager, EMEA, Adobe Acrobat