The discussion about cloud security is storming. You can see it going wide, and everybody wants to add something about how future CAD or PLM cloud solutions will be either secured or unsecured. If you want to spot some bad predictions about the cloud and engineering software, navigate to Hey! You! Get Offa My Cloud! Dezignsuff blog. Matt Lombard mentioned recently published prediction by Apple co-founder Steve Wozniak – Cloud Computing Will Cause ‘Horrible Problems In The Next Five Years. I noted the following passage:
The more widespread the cloud becomes, the more it is seen as a target, the less secure it becomes. If you put a pot of gold in the cloud, someone is going to figure out how to loot it. It’s just that simple. CAD data is a huge jackpot forcorporate espionage. Putting it in the cloud will just make it that much easier.
By co-incidence, my attention was caught by TechCrunch article – Is This Apple’s Next iPhone? Yeah, Sure, Why Not. The stories about secrecy around new Apple devices aren’t new thing. However, that time I found it quite connected to engineering and manufacturing. The likely iPhone 5 (or next iPhone) was half assembled from leaked supplier parts. I found the following quote quite interesting:
I’m far less interested in an iPhone rebuilt from scrap parts than asking how these scrap parts leaked in the first place. To be honest, I preferred an Apple that was trying to change the CE manufacturing industry by forcing accountability, control, and secrecy. Manufacturers love leaking information in an effort to pump and dump their stock. Earlier, a post in Digitimes simply hinting at an Apple partnership would usually do the trick. Now, with a new, kinder Tim Cook at the helm, it’s clear that manufacturers are far less afraid of Cupertino.
Cloud Security? Red herring…
I wanted to connect these two stories together. I agree with Matt Lombard about his "pot of gold" analogy. If you put it somewhere, most probably somebody will try to steal it. It is true for diamonds, personal information, engineering drawings and many other things. As we can see people could reconstruct iPhone from scrapped parts. You can imagine similar situation happens with any other manufacturing and engineering organization. In most of the cases, I can see people as a much weaker part of the chain than computers. USB drives, blueprints and scrapped parts – this is a short list of opportunities. At the end, using money and sex you can get what you need much faster than by cracking cloud security system.
The issue of cloud sustainability is actually more important. In my view, people often think about sustainability when they are afraid of cloud solutions. What will happen if "my cloud" disappears tomorrow? The sustainability of cloud companies and the ability to get your information to you is the topic I’d recommend focusing on when you talk to your potential cloud vendors. On the other hand, the same topic is relevant in the context of any CAD system. What will happen with your 3D models if you are not able to use your CAD system anymore? No difference…
What is my conclusion? There are three things that, in my view, need to stay in focus – People, Security Procedures and Cloud sustainability. You need to focus on people, because they are much bigger risk compared to the technologies. Security procedures are important. There is no security technology that protects you from USB sticks and unsecured passwords. Ask vendor real questions – how sustainable their cloud solution, how to get data in case you stop subscription and similar things. Just my thoughts…