You Can’t Protect What You Can’t See | Digital Guardian

Protecting Data in a Global Manufacturing Environment

Early in my career I worked in manufacturing, and can attest that it’s a very different world from software. Aside from the fact that you could pay rush charges to get things built quicker (something we dream about in software), a big difference was in the way we needed to share proprietary information with partners and vendors.

In that environment, controlling IP can be a challenge. Sensitive design documents may be produced in CAD applications or software components written by offshore contractors. Board layouts are provided to manufacturing engineers who use them to build jigs and test harnesses, and to vendors who provide components for integration. Finally, sensitive information goes to the manufacturing floor (in many cases, in both the US and Asia).

While sharing data is a requirement in manufacturing, controlling use of the data is critical. Leaked IP allows competitors to react faster with similar products or discover critical design information, which swiftly erodes a manufacturer’s competitive advantage. When offshore employees move frequently between contract manufacturers and outsourced development shops, there is a high risk that IP could be moving with them.

The production floor of a CCTV and surveillance camera factory in Shenzhen, China, 2010

So how does a company share data with offshore partners, while restricting its use to legitimate purposes?

An old saying about achieving high quality in manufacturing is “You can’t manage what you can’t measure.” From an information security standpoint, a better expression would be “You can’t protect what you can’t see.”

Most importantly, you need visibility into where sensitive information is at all times. This requires an understanding of the sensitivity of each piece of data (classification) as it is created, then maintaining and updating that classification as data moves. Next, you need to understand the context of how data is being used by correlating data sensitivity, the users accessing the data, and the requested action. Finally, controls are needed on endpoints to enforce corporate data policies and block inappropriate access or use.
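The three steps above (classify at creation, carry the label as data moves, decide on sensitivity plus user plus action) can be modeled in a few lines. This is an added example, not code from the original article or from any Digital Guardian product; the label names, creating applications, user kinds, actions and file names are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    PUBLIC = 0
    INTERNAL = 1
    RESTRICTED = 2

# Assumed rule: label a file at creation by the application that produced it.
CREATION_LABEL = {"cad": Level.RESTRICTED, "ide": Level.RESTRICTED,
                  "office": Level.INTERNAL}

@dataclass(frozen=True)
class Item:
    name: str
    level: Level

def create(name, app):
    # Unknown applications get INTERNAL, never PUBLIC, so nothing starts unlabeled.
    return Item(name, CREATION_LABEL.get(app, Level.INTERNAL))

def derive(name, *sources):
    # A copy, export or excerpt carries the highest label among its sources.
    return Item(name, max(s.level for s in sources))

# Highest label each (user kind, action) pair may touch (constructed policy).
# Pairs missing from the table are blocked.
CEILING = {
    ("employee", "open"): Level.RESTRICTED,
    ("employee", "copy_to_usb"): Level.INTERNAL,
    ("partner", "open"): Level.RESTRICTED,
    ("partner", "copy_to_usb"): Level.PUBLIC,
}

def decide(item, user_kind, action, log):
    # Correlate sensitivity, user and requested action; log every decision
    # so there is a record of who touched which data, allowed or not.
    ceiling = CEILING.get((user_kind, action))
    verdict = "allow" if ceiling is not None and item.level <= ceiling else "block"
    log.append((user_kind, action, item.name, item.level.name, verdict))
    return verdict

def demo():
    log = []
    layout = create("board_layout.brd", "cad")        # constructed sample files
    notes = create("fixture_notes.docx", "office")
    jig = derive("test_jig_spec.pdf", layout, notes)  # inherits RESTRICTED
    results = [decide(jig, "partner", "open", log),
               decide(jig, "partner", "copy_to_usb", log),
               decide(notes, "employee", "copy_to_usb", log),
               decide(jig, "employee", "screen_capture", log)]  # not in table
    return jig, results, log

if __name__ == "__main__":
    for event in demo()[2]:
        print(event)
```

The partner can open the derived jig specification but cannot copy it to removable media, and both events land in the log, which is what provides the visibility the paragraph calls for.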

Focusing on data itself is simpler and more effective. It allows appropriate use to continue unimpeded, blocks use that could put data at risk, and provides visibility into where data resides at all times. In a manufacturing environment, this makes it possible to share more data, more fully and more securely.

Mike Pittenger

Mike Pittenger is vice president, security strategy at Black Duck Software. Mike has over 30 years of technology business experience, including over 15 in application security. He was a co-founder of Veracode and led the product divisions of @stake and Cigital. He can be reached at mwpittenger [at]