European Component Manufacturer, Weber Gmbh, Protects Prototype Car Designs With Vormetric
Weber GmbH is a medium-sized family-owned corporation with locations in Germany, Poland, and China. Weber uses advanced injection molding techniques to create components for furniture, medical equipment and automobiles. To design plastic components for cars, Weber is entrusted with computer-aided design (CAD) 3D models of entire vehicles.
Of all Weber’s wide number of clients, a world-renowned European auto manufacturer was the first to insist that CAD files for its prototype models be fully protected by a robust, commercial-grade encryption solution that was comparable in rigor to the stringent ISO 27001 information security standard.
Prior to embarking on its search for a viable encryption approach, Weber relied on its standard layered defenses to protect CAD information. Christopher Kutzner, Weber’s IT application manager, elaborated “We actually didn’t encrypt any of our CAD data. We had tested various options, but because of the emphasis on the client-side, we just weren’t comfortable with doing a full roll-out in our environment.”
In addition to identifying and implementing a solution that would offer equivalent protection to the ISO standard, Kutzner had requirements for strong separation of roles to reduce unnecessary access to the files, and for the encryption to have zero detectible latency, even for users working with the largest CAD datasets. The diversity of Weber’s data, and the varying requirements for security, also elevated the need for granular access and file-level control.
Kutzner recalled, “We initially looked at a couple of hardware solutions but they were too monolithic in their approach, and far too expensive for our needs. This helped to surface the requirement that any option should not necessitate the purchase of new hardware. When we examined what was really needed, it transpired that only a relatively small portion of data needed to be encrypted. After further investigation we decided that the solutions from Thales eSecurity gave us by far-and-away the best performance and functionality for the investment.
“We installed Vormetric Data Security Manager onto a server and ran comparisons for both reads and writes against a broad selection of CAD files. Performance was our final evaluation test and as we didn’t see any difference between accessing unencrypted files and those encrypted by Thales eSecurity we immediately decided to standardize on Thales eSecurity.”
With the looming car company deadline for having encryption deployed, Weber hurried to implement Vormetric Data Security Manager to secure the CAD data. Kutzner revealed, “Since we only had a short timeframe, our initial plan was to begin the process of encrypting data to demonstrate that we had the commitment and the capability.
“The solution is very intuitive; we quickly learned how to create administration roles to move files, how to set user roles to decrypt and modify certain files, and how to manage the encryption keys. We were able to proceed much faster than we originally anticipated, and had finished converting everything by the time the car maker’s team visited.”
On receiving approval from the globally recognized auto company, the Weber team initiated a broader follow-on project to further refine its encryption needs. “Thales eSecurity scaled very easily on our virtual server farm and users didn’t see any performance degradation at all: When implemented, it’s that fast and invisible!”
The Thales eSecurity solution has continued to impress Kutzner: “One of the critical requirements of the audit done by the car maker’s team was to have key administration separated from the data, and this is an area where Thales eSecurity really excels,” he noted.
“We defined new roles for our administrators – they are allowed to create folders on the encrypted drive, delete empty folders, and rename them – but they do not have access to the data. When a user opens an encrypted folder they only see the files they are permitted to access; they can’t even see the files they are not authorized to decrypt. Thales eSecurity really impressed us with how easy it was to implement a worldclass encryption solution.”
Kutzner concluded, “Vormetric Data Security Manager has fulfilled all our expectations and I would confidently recommend it to peers in similar situations.”