A blog by Oleg Shilovitsky
Information & Comments about Engineering and Manufacturing Software

PLM security: data and classification complexity

PLM security: data and classification complexity
Oleg
Oleg
30 July, 2014 | 2 min for reading

security-plm

Security. It is hard to underestimate the importance of the topic. Information is one of the biggest assets companies have. Data and information is a lifeblood of every engineering and manufacturing organization. This is a key element of company IP. Combined of 3D models, Bill of Materials, manufacturing instructions, suppliers quotes, regulatory data and zillions of other pieces of information.

My attention caught Forrester TechRadar™: Data Security, Q2 2014 publication. Navigate to the following link to download the publication. The number of data security points is huge and overwhelming. There are different aspects of security. One of the interesting facts I learned about security from the report is growing focus on data security. Data security budgets are 17% as for 2013 and Forester predicts the increase of 5% in 2014.

forrester-data-security-plm

The reports made me think about some specific characteristics of PLM solutions – data and information classification. The specific characteristic of every PLM system is high level of data complexity, data richness and dependencies. The information about product, materials, BOMs, suppliers, etc. is significantly intertwined. We can speak a lot of about PLM system security and data access layers. Simple put, it takes a lot of specifics of product, company, business process and vendor relationships. As company business is getting global, security mode and data access is getting very complicated. Here is an interesting passage from report related to data classification:

Data classification tools parse structured and unstructured data, looking for sensitive data that matches predened patterns or custom policies established by customers. Classiers generally look for data that can be matched deterministically, such as credit card numbers or social security numbers. Some data classiers also use fuzzy logic, syntactic analysis, and other techniques to classify less-structured information. Many data classification tools also support user-driven classification that users can add, change, or conrm classification based on their knowledge and the context of a given activity. Automated classication works well when you’re trying to classify specic content such as credit card numbers but becomes more challenging for other types of content.

In my view, PLM content is one of the best examples of data that can be hardly classified and secured. It takes long time to specify what pieces of information should be protected and how. Complex role-based security model, sensitive IP, regulation, business relations and many other factors are coming into play to provide classification model to secure PLM data.

What is my conclusion? I can see a growing concern to secure data access in complex IT solutions. PLM is one of them. To protect complex content is not simple – in many situations out of the box solutions won’t work. PLM architects and developers should consider how to provide easier ways to classify and secure product information and at the same time be compliant with multiple business and technical requirements. Important topic for coming years. Just my thoughts…

Best, Oleg

Recent Posts

Also on BeyondPLM

4 6
5 May, 2011

I’m following SharePoint and PLM. One of point of my interest was to analyze how Microsoft SharePoint can be used...

11 August, 2019

A few days ago I wrote an article discussing why the strategy of building PLM on top of PDM can...

31 October, 2010

I postponed my monthly writing this month to give few words PTC Creo launch this week. CAD community already started...

13 August, 2013

Processes. Every organization is driven by processes. Even if you don’t have any process management systems, processes are there. You...

12 November, 2013

Yesterday I learned a new TLA – IoT, which stands for Internet of Things. The topic is not new for me....

8 June, 2009

We have been talking about collaboration a lot these days. I was thinking about how collaboration can happen with designers....

2 December, 2010

I was reading GigaOM article Should We Be Afraid of Apple, Google and Facebook? I found it interesting. Take your...

17 July, 2018

PLM is usually a journey of an organization transforming itself from one business model into another. While the process can...

20 November, 2014

The Engineering.com publication about PLM taking ownership of MBOM ignited a few discussions online about the Bill of Materials, BOM...

Blogroll

To the top