2011 Autodesk Securing AutoCAD IP in the era of WikiLeaks
Presenter: Rahul Kopikar Co-Founder, Seclore Technology
Slide 2
2011 Autodesk Class Summary In this class you will learn about
Information Rights Management (IRM) Technology and how IRM can be
used to prevent design drawing IP from getting leaked in a
collaborative environment
Slide 3
2011 Autodesk Learning Objectives At the end of this class, you
will be able to: Understand and appreciate IRM technology
Understand how IRM can be used to prevent information leakages
Understand the different controls that can be enabled in IRM Learn
and find use cases within your organization where IRM can be
used
Slide 4
2011 Autodesk Agenda Introduction to Information Rights
Management (IRM) The Problem The Solution Definition of IRM Salient
features of IRM Some business use cases for IRM Demo: IRM in action
Summary
Slide 5
2011 Autodesk Introduction to Information Rights Management
(IRM) The Problem The Solution Definition of IRM Policy Salient
features of IRM
Slide 6
2011 Autodesk Today Engineering and Manufacturing companies
constantly exchange intellectual property (IP) in the form of
AutoCAD design documents. Designs are exchanged within the
organization & outside like sub-contractors and vendors. Due to
the global nature of business, the threat of these design drawings
getting leaked to competitors has been constantly increasing over
time. Once information is shared, there is no control on where and
how the information will flow further. Recipient of information may
share it with others (competitors) or host it on a public portal
(e.g. wikileaks) causing, either Revenue or Reputation loss. Why
IRM?
Slide 7
2011 Autodesk COMPETITOR Enterprise SUB-CONTRACTOR Competitors
Case 1: Information shared with customer / vendor is lost
unintentionally or intentionally leaked by an insider to
competitor. Case 2: Employee joining competitor. Some examples of
data leakages
Slide 8
2011 Autodesk Introduction to Information Rights Management
(IRM) The Problem The Solution Definition of IRM Policy Salient
features of IRM
Slide 9
2011 Autodesk A typical approach most organizations follow is
to restrict collaboration methods Blocking devices like USB, CD-ROM
and tools like internet, emails, etc. This approach increase
SECURITY, But at the cost of COLLABORATION !! Typical Approach
Slide 10
2011 Autodesk With IRM, the sender is not restricted from
sending information This approach increase SECURITY &
COLLABORATION !! But, the receiver is allowed to perform only
authorized activities depending on the IRM policy applied to the
document Right Location Right Time Right Action Right Person A
better Approach- IRM
Slide 11
2011 Autodesk Introduction to Information Rights Management
(IRM) The Problem The Solution Definition of IRM Policy Salient
features of IRM
Slide 12
2011 Autodesk WHO can use the information (i.e. right person)
People & groups within and outside of the organization can be
defined as rightful users of the information WHAT can each person
do (i.e. right action) Individual actions like reading, editing,
printing, distributing, copy- pasting, screen grabbing etc. can be
controlled WHEN can he use it (i.e. right time) Information usage
can be time based e.g. can only be used by Mr. A till 28th Sept OR
only for the 2 days WHERE can he use it from (i.e. right location)
Information can be linked to locations e.g. only 3rd floor office
by private/public IP addresses The Usage policies that can be
defined are- IRM Policy
Slide 13
2011 Autodesk WHO WHAT WHENWHERE ReadEditPrintDistribute Tim
Yes No Till the time of employmentWithin office network Jim YesNo
30 th November 2011Within office network organization Jim Tim An
E.g. - Scenario: Research reports & drawings
Slide 14
2011 Autodesk Introduction to Information Rights Management
(IRM) The Problem The Solution Definition of IRM Policy Salient
features of IRM
Slide 15
2011 Autodesk Company B Company Sub-Contractor a. Dynamic :
Policies can be changed without having access to or redistributing
the information Salient features of IRM technology
Slide 16
2011 Autodesk organization b. Persistent : Policies are
implemented on information and all its copies wherever they are
transmitted or stored Salient features of the technology
Slide 17
2011 Autodesk c. Monitoring : Individual actions ( authorized
AND unauthorized ) like viewing, editing, printing etc. are
monitored & tracked Salient features of the technology
Slide 18
2011 Autodesk Some Business use cases for IRM
Slide 19
2011 Autodesk IRM technology can be used when- Confidential CAD
drawings needs to be shared to specific employees only. Frequent
temporary/project-based relationships are established with
manufactures & contractors Sensitive CAD designs are sent to
manufacturers to execute a business process Confidential CAD
designs (and the associated liability) are received from customers
Few business Use Cases
Slide 20
2011 Autodesk Demo: IRM in Action
Slide 21
2011 Autodesk Summary
Slide 22
2011 Autodesk IRM enables the sender of information to control
the actions of the receiver even after it is sent to the receiver.
The controls set by the sender can be broad or granularly defined
depending on the need of the business process. The controls can be
changed in real time and are persistent. A complete log of all the
activities done by the receiver are centrally
maintained.Summary
Slide 23
2011 Autodesk Autodesk, AutoCAD* [*if/when mentioned in the
pertinent material, followed by an alphabetical list of all other
trademarks mentioned in the material] are registered trademarks or
trademarks of Autodesk, Inc., and/or its subsidiaries and/or
affiliates in the USA and/or other countries. All other brand
names, product names, or trademarks belong to their respective
holders. Autodesk reserves the right to alter product and services
offerings, and specifications and pricing at any time without
notice, and is not responsible for typographical or graphical
errors that may appear in this document. 2011 Autodesk, Inc. All
rights reserved.