Export Control Compliance, Improved Productivity and $4 Million Annual Cost Savings

About The Customer

A global semiconductor design and manufacturing leader faced the challenge of adhering to export control policies. With facilities worldwide, it relied on the expertise and collaboration of a global employee base. However, individual components within their products fell under the requirements of the International Traffic of Arms Regulations (ITAR) where penalties for non-compliance can be severe.

The Business Challenge

ITAR compliance means that only US citizens can view the layout of export-controlled components. This requirement forced physical segmentation of the company’s workforce, increasing cost and reducing productivity. Designs from overseas were shipped to a separate US facility, where US citizens could integrate the work into the design and build process.

The semiconductor market is highly competitive; rapid time-to-market is critical and these restrictions hampered the company’s development process and their ability to compete. Engineers accessed designs through several different applications. The classification of data varied, often within individual documents, some components were viewable by all users, while others were subject to ITAR restrictions. Classifying an entire design in a least-privilege manner wouldn’t work.

The manufacturer needed a solution that could apply policies to the individual components within a design document. To improve its competitiveness, the customer required secure collaboration between users at any of their locations, while protecting ITAR-regulated components from disclosure to foreign national.

Critical Success Factors

  • Any user must be able to access design data, while having the appropriate policy applied to individual components
  • Visibility into data movement and forensic trails for ITAR compliance
  • Enforcement of controls on foreign nationals must not break the functionality of design software and simulation applications
  • Allow internet access to the manufacturer’s full resources within each facility, but control use as needed

INDUSTRY

  • Semiconductor design and manufacturing

ENVIRONMENT

  • 12,000 workstations
  • Mixture of Linux and Windows
  • Sensitive engineering drawings

CHALLENGE

  • Comply with ITAR regulations that prohibit foreign nationals accessing export-controlled designs
  • Integration with existing source code control, CAD and simulation applications
  • Allow, but control, internet access for users
  • Monitor activities of foreign nationals

RESULTS

  • Over $4 million in annual savings from duplicate facility consolidation
  • Enterprise-wide discovery of export controlled information
  • Improved productivity through enabling access to designs from any location
  • Achieved virtual network segmentation and a more streamlined physical infrastructure
  • Identification, arrest, and prosecution of foreign national attempting to steal designs

The Solution

Text

Using Fortra™’s Digital Guardian®’s deep contextual awareness, classification and policy identification software, the company could automatically classify, and report on the presence of ITAR restricted components residing on servers, desktops, and laptops across their enterprise. Once data was properly classified, a masking policy could obfuscate ITAR-regulated components from foreign nationals while allowing complete visibility of other fields. The policy also recognized users who were US citizens, to allow for full component viewing.

Prior to deploying Digital Guardian, internet access was denied to employees working on sensitive designs due to security concerns, as a result, collaboration between facilities suffered. Digital Guardian worked with the organization to create policies allowing controlled internet access through the company’s virtual private network (VPN). Since Digital Guardian can distinguish a public from a private network, remote employees could still access the internet. This allowed users to reach a login page for a private network (such as a hotel’s network), but then required the user to connect to the company’s VPN to reach any other URL, giving the company the ability to monitor and log all data activity.

Image
Graphic

The Results

Text

Productivity gains were quickly visible. Masking policies eliminated the need for duplicate infrastructure and physically segmenting employees, saving the company an estimated $4M annually. Further proving its value, DG provided alerts when an employee attempted to steal data on behalf of a competitor. The company successfully prevented the theft and prosecuted the individual.

Data Types We Protect

advanced-engineering
ADVANCED ENGINEERING
aerospace-automotive
AEROSPACE/AUTOMOTIVE
contract-manufactures
CONTRACT MANUFACTURERS
chemicals-pharmaceuticals
CHEMICALS/ PHARMACEUTICALS

About Digital Guardian

INSTALLED BASED

  • Over 600 customers from across the globe
  • Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
  • Used by 7 of the top 10 patent holders 

DISCOVERY AND CLASSIFICATION

  • Endpoint, network, cloud and local data storage
  • Content, context, and user classification
  • Fully automated to fully manual classification
  • Over 300 data types, over 90 languages 

EDUCATE AND ENFORCE

  • Monitor log, prompt, justification request
  • Auto-encrypt, quarantine, move, block

ACTIONABLE ANALYTICS

  • System, user, and data level event visibility
  • Analytics that filter out the noise
  • Drag and drop incident management
  • Right click remediation in real time

OPERATION SYSTEM SUPPORT

  • Full visibility, analytics and controls across multiple operating systems
  • Mac
  • Windows
  • Linux

DEPLOYMENT

  • On-Premise
  • SaaS
  • Managed Security Program

See how Digital Guardian can protect your organization’s sensitive data and critical assets.

SCHEDULE A DEMO