A blog by Oleg Shilovitsky
Information & Comments about Engineering and Manufacturing Software

PLM security: data and classification complexity

PLM security: data and classification complexity
Oleg
Oleg
30 July, 2014 | 2 min for reading

security-plm

Security. It is hard to underestimate the importance of the topic. Information is one of the biggest assets companies have. Data and information is a lifeblood of every engineering and manufacturing organization. This is a key element of company IP. Combined of 3D models, Bill of Materials, manufacturing instructions, suppliers quotes, regulatory data and zillions of other pieces of information.

My attention caught Forrester TechRadar™: Data Security, Q2 2014 publication. Navigate to the following link to download the publication. The number of data security points is huge and overwhelming. There are different aspects of security. One of the interesting facts I learned about security from the report is growing focus on data security. Data security budgets are 17% as for 2013 and Forester predicts the increase of 5% in 2014.

forrester-data-security-plm

The reports made me think about some specific characteristics of PLM solutions – data and information classification. The specific characteristic of every PLM system is high level of data complexity, data richness and dependencies. The information about product, materials, BOMs, suppliers, etc. is significantly intertwined. We can speak a lot of about PLM system security and data access layers. Simple put, it takes a lot of specifics of product, company, business process and vendor relationships. As company business is getting global, security mode and data access is getting very complicated. Here is an interesting passage from report related to data classification:

Data classification tools parse structured and unstructured data, looking for sensitive data that matches predened patterns or custom policies established by customers. Classiers generally look for data that can be matched deterministically, such as credit card numbers or social security numbers. Some data classiers also use fuzzy logic, syntactic analysis, and other techniques to classify less-structured information. Many data classification tools also support user-driven classification that users can add, change, or conrm classification based on their knowledge and the context of a given activity. Automated classication works well when you’re trying to classify specic content such as credit card numbers but becomes more challenging for other types of content.

In my view, PLM content is one of the best examples of data that can be hardly classified and secured. It takes long time to specify what pieces of information should be protected and how. Complex role-based security model, sensitive IP, regulation, business relations and many other factors are coming into play to provide classification model to secure PLM data.

What is my conclusion? I can see a growing concern to secure data access in complex IT solutions. PLM is one of them. To protect complex content is not simple – in many situations out of the box solutions won’t work. PLM architects and developers should consider how to provide easier ways to classify and secure product information and at the same time be compliant with multiple business and technical requirements. Important topic for coming years. Just my thoughts…

Best, Oleg

Recent Posts

Also on BeyondPLM

4 6
12 April, 2016

One of the topics, I’m following on my blog for long time is open source. Open source software (OSS) or free...

16 July, 2014

PaaS is a category of cloud computing service providing platform and solution stack. This service model is including not only...

22 July, 2010

A very interesting video drove my attention today. Take a look on the new iPad application from a Valley company...

1 July, 2019

My last article Closed Open Source PLM about open source and partially about Aras PLM raised many comments and questions....

26 January, 2017

Artificial Intelligence (AI) is having a renaissance moment these days. With the risk to disclose my age, I can remind...

6 August, 2010

I had a chance to read “Sent from my iPad”  on VEKTORRM last week. Dave Angelotti discussed an option to...

2 September, 2010

Summer is finally over. This is a good reason to stop talking about fancy social software and cool Apple’s features....

10 December, 2012

It is hard to find somebody in PLM industry not familiar with the idea of “single point of truth”. I...

3 January, 2012

The beginning of the year is a good time to think about BHAGs (Big Hairy Audacious Goals). Cloud was one...

Blogroll

To the top