Security Implications of the Cloud

With the Dassault Systèmes Cloud, small business have access to high-level design tools, allowing for greater sophistication and efficiency, at a fraction of the cost. In an interview at SOLIDWORKS World 2017, David Mann, High-Tech Industry Sales Director at Dassault Systèmes, noted the goal of the Dassault cloud is to level the playing field for small businesses, especially those with limited budgets.

“We see a lot of smaller companies coming up…but they’re using sub-standard tools,” he explains. “What we wanted to do was make available our cloud with all of the high-level design tools, whether it be SOLIDWORKS, CATIA, ENOVIA, or DELMIA.”  Furthermore, he notes, the Dassault cloud allows for greater collaboration, giving small businesses access to consultants and experts throughout the design process.

Leveraging the Dassault cloud seems like an easy win, but business owners may question the security implications of cloud computing. After all, they are entrusting sensitive data to a party outside their own system. Here are a few questions business owners might ask when it comes to cloud security, and how the Dassault Systèmes’ methodology addresses these concerns.

What is the structure of the Dassault Systèmes security process?

Security is at the heart of the Dassault Systèmes’ online business, with an emphasis on Security in Depth. This concept relies on several independent mechanisms put into place to mitigate any single risk. In the unlikely event a malevolent action fails to be blocked by one layer, it will be subsequently prevented by a different mechanism. These layers include: internet, cloud, application, virtual system and physical.

How is my data kept from unwanted internet traffic?

All incoming traffic is filtered by independent mechanisms to ensure reliability and lack of vulnerability cascading. Secured communication channels between the hosting environment and the customer’s premises are used, where applicable, as well.  

How does Dassault Systèmes ensure a thorough design and review process?

At the application level, the Dassault Systèmes online solution receives a strict design and review process. Coding is aligned with industry best practices and double-peer reviewed. Special attention is placed on top OWASP threats and various modules are continuously being scanned and monitored. Virtualized systems that host the data and applications are closely scrutinized prior to being released, as well as after production release. Dassault Systèmes regularly uses attack-like scenarios to monitor the integrity of the model system, and reactivity of operational teams.  

How does the Dassault Systèmes cloud protect from cross-customer data access?

The security of the customer environment relative to other elements in the cloud is ensured through independent layers of solutions, and each customer works on instances that are independent from the other systems. This compartimentation is hardcoded at the application level, and overall, the design ensures sniffing and IP spoofing is not feasible.

How is physical storage managed?

Dassault Systèmes’ nondescript data centers have strict security procedures in place and is limited to authorized staff only. Contractors and visitors are escorted at all times, and all physical access is logged and audited. Additional physical storage is secured through redundant disks, disaster recovery, and backup and restore procedures.  

How does Dassault Systèmes ensure its cloud security is up to date?

In addition to proactive efforts from the R&D team, independent tests are performed at least yearly and at each major platform change. They are carefully planned and conducted in a hacker-like manner, to stress the various security layers and attempt to breach the environment. Beyond platform security, Dassault Systèmes ensures its users have just as much control over their security. The data owner can set granular access rights, and the application is only accessible after the appropriate license has been obtained, minimizing possible surface attacks.  

For more information, read the Dassault Systèmes Cloud Security White Paper.                   

Sources: 

3DEXPERIENCE Cloud Security White Paper

Interview with Dassault Sales Executive

                               

Recent Stories
COE NewsNet - September/October 2017

Q&A with Mike Clare: Looking Ahead to the 2018 Annual Experience & TechniFair

Impact of the Cloud: Three Case Studies