This article is contributed. See the original author and article here.
Intellectual property (IP) theft can wreak havoc on the supply chain and defense, stripping away an organization’s, or nation’s, competitive advantage. Hackers don’t necessarily pose the biggest threat to IP. Insider threats from employees, contractors and partners pose just as big a threat (some might argue bigger) from both accidental and deliberate data loss. While IP comes in many common forms, such as documents and spreadsheets, but images and CAD files pose just as big a risk and are more difficult to protect with traditional security tools. It is possible to protect and watermark CAD files stored and shared in Microsoft 365 applications to help prevent data loss and IP theft and meet Defense compliance requirements such as CMMC. Read on to learn more.
WHAT ARE CAD FILES?
If you’re not familiar with them, computer-aided design (CAD) files are used for designing models or architecture plans in a 2D or 3D rendering. CAD files are used for creating architectural designs, building plans, floor plans, electrical schematics, mechanical drawings, technical drawings, blueprints, or for special effects in movies. They are used by every organization related to any type of manufacturing or construction, including those who manufacture tools and equipment for other manufacturers.
2D CAD files are drawings that mimic ‘old school’ drafting work. Most often these still exist as blueprints for structures where the height isn’t as critical for the design or is a standard dimension, however the layout within that 2-dimensional space is critical. For example, how do we fit our desks, chairs, tables, etc., into that space? The problem with portraying complicated 3-dimensional objects like machine parts in only 2 dimensions is that they need to be rendered from multiple angles so that all critical dimensions are portrayed properly. This used to result in a lot of drawings of the same part, but from different angles.
3D files on the other hand can be portrayed in 3 dimensions and can be rotated in space and even ‘assembled’ with other parts. This can help Engineers discover issues (such as a pipe or shaft that has been accidentally routed through another part) much more quickly so they can be resolved long before production begins.
Much like image files, there are several types of CAD file extensions (.DWG, .DXF, .DGN, .STL) and the file type is dependent on the brand of software used to create them.
CHALLENGES TO CAD FILE PROTECTION
Since most CAD files contain intellectual property or IP, protecting them is critical to protect competitive advantage, avoid malicious theft/corporate espionage and stop sharing with unauthorized audiences. Depending on the industry, different regulations and protection policies may also need to be applied to protect CAD files. For example, in the defense industry, file that contain controlled unclassified information (CUI) must be classified and labelled as CUI under CMMC 2.0, NIST 800-17, and NIST 800-53 regulations.
Out of the box tools are often limited in their ability to classify and tag CAD files to meet the stringent requirements. Additionally, CAD files are often shared and collaborated on using file shares or even file sharing and collaboration tools like SharePoint, and Teams. Without the ability to properly classify and tag information Defense suppliers are at risk of losing valuable Government and Defense contracts to accidental sharing or malicious users.
5 TIPS TO PROTECT CAD FILES IN M365
Protecting CAD files is no different to protecting any other sensitive documents in your care. We recommend you:
Identify Sensitive CAD Files – The first step to any data protection strategy is knowing where your sensitive CAD files exist. If you don’t, you should consider using a scanning tool to find any files and apply appropriate protections.
Restrict Access – Ensure only users and partners who require access sensitive CAD are authorized to do so. Then follow tip #3.
Restrict Actions Authorized Users Can Take – Just because a user should be able to access a document, should they have carte blanche? For example, should they be able to edit it, download it or share it? Should they be able to access it on a public Wi-Fi or at an airport? You need to be able to apply fine grain access and usage controls to prevent data misuse and loss.
Digitally Watermark files to provide a visual reminder of the sensitivity level of files and add information about the user for tracking purposes in the event of a leak. For Defense applications you’ll want to add CUI markings to your watermark such as a CUI Designation Indicator.
Track Access – Keep an audit log of access and actions authorized users have taken with sensitive CAD files (print, save, download, email, etc.) and have a process in place to identify any suspicious activity (multiple downloads, access in the middle of the night, from a suspicious IP address, etc.).
DYNAMICALLYCLASSIFY, PROTECT AND WATERMARK CAD FILES WITH NC PROTECT
NC Protect from Microsoft Partner and MISA member, archTIS, provides advanced data-centric security across Microsoft applications to enhance information protection for cloud, on-premises and hybrid environments. The platform empowers enterprises to automatically find, classify and secure sensitive data, and determine how it can be accessed, used and shared with granular control using attribute-based access control (ABAC) and security policies.
NC Protect offers a range of unique capabilities to restrict access to, protect and watermark CAD files, as well as other documents, in Microsoft’s document management and collaboration application. Capabilities include:
Classification
NC Protect automatically applies Microsoft Information Protection (MIP) sensitivity labels based on the contents of the file.
Apply additional meta data or classification as required. For example, tag files as CUI.
Encryption
NC Protect leverages Microsoft Information Protection (MIP) sensitivity labels and Rights Management System (RMS) to encrypt CAD and other files.
Encrypt files at rest or in motion (e.g., email attachments)
Watermarking
Watermark CAD files with any attributes such as user name, date, time, etc. to deter photographing and remind users of the sensitivity of the file.
Automatically embed CUI Designator data into a 2D or 3 D CAD file as a secure digital watermark including: Name, Controlled BY, Category, Distribution/Limited Dissemination Control, and POC.
Add CUI designator markings.
Restrict Access & Actions
Protected CAD files can only be opened and modified by authorized users based on predefined policies.
Force read-only access for internal and guest users with a built-in Secure Viewer to prevent Copy, Paste, Print, Save As and Download capabilities.
Policies can also control if and who protected CAD files can be shared with.
Hide sensitive CAD files from the document view of unauthorized users in file sharing applications.
Tracking
Track access to all protected files as well as actions users have taken with the file.
Export user actions and logs to Microsoft Sentinel, Splunk or a CSV file for further analysis and upstream actions.
Supported Platforms & File types:
Protects CAD file across all Microsoft 365 applications: SharePoint, Teams, OneDrive, Exchange email, Office 365, as well as SharePoint Server and Windows file shares.
EASY TO CONFIGURE ACCESS, PROTECTION AND WATERMARK POLICES
Applying these policies and controls with NC Protect from archTIS is easy to do using the product’s built-in policy builder.
EASY TO CONFIGURE ACCESS, PROTECTION AND WATERMARK POLICES
For example, the policy below allows NC Protect to deny any guests users the ability to see that CAD files even exist within the network. With this policy activated, a guest will not see a dwg file – even if it resides in a container or Team that they have full access to. Consider how easy it is to share access to SharePoint, OneDrive and Teams with external users and how critical collaboration with external vendors can be for the business.
Users often place sensitive data into places that they don’t realize are accessible by people outside of the organization. This policy allows NC Protect to apply a blanket restriction on guests and mitigate the potential loss of sensitive intellectual property.
For more granular protection, the policy below forces any users who are not part of the Engineering Department to be limited to read only access to CAD files. Even if someone from the Engineering group gives them access to these files, if their department is not Engineering NC Protect will automatically invoke the Secure Reader when they try to open them. In this case the department attribute is being used, but NC Protect can use any attribute such as existing group memberships, title or any other custom attribute to determine how users can interact with these files.
NC Protect’s built-in Secure Reader enforces ‘true read only’ access. Users can’t download, copy or even print a protected file. NC Protect can also watermark the CAD file (or any other type of file) so if a user screenshots the drawing, the photo will contain their name, date and ‘CONFIDENTIAL’ as seen in the image below.
About the author
Irena Mroz, Chief Marketing Officer, archTIS
As CMO, Irena Mroz is responsible for leading archTIS’ product marketing, branding, demand generation and public relations programs. A technical cybersecurity marketer, Mroz has spent her 25+ year career empowering start-ups and public software companies to exceed growth objectives through successful product positioning, demand generation, high profile events and product evangelism. Mroz holds a Bachelor of Science in Mass Communications from Boston University’s College of Communication.
About archTIS
archTIS is a global provider of innovative software solutions for the secure collaboration of sensitive information. The company’s award-winning data-centric information security solutions protect the world’s most sensitive content in government, defense, supply chain, enterprises and regulated industries through attribute-based access and control (ABAC) policies. archTIS’ complementary NC Protect software enhances Microsoft security capabilities with fine-grain, dynamic ABAC policies to control access to and add unique data protection capabilities to secure sensitive data across Microsoft 365 apps, SharePoint on-premises and Windows file shares. The company is a Microsoft Partner and a member of the Microsoft Intelligent Security Association. For more information, visit archtis.com or follow @arch_tis.
This article is contributed. See the original author and article here.
At Microsoft Inspire 2023, we announced that we are bringing together Microsoft Dynamics 365 Marketing and Microsoft Dynamics 365 Customer Insights into one offer, enabling organizations to unify and enrich their customer data to deliver personalized, connected, end-to-end customer journeys across sales, marketing, and service. We are retaining the existing “Dynamics 365 Customer Insights” name to encompass this new offer of both applications. Today, we’re excited to share that the new Dynamics 365 Customer Insights is now generally available for purchase.
For our existing Dynamics 365 Marketing and Dynamics 365 Customer Insights customers, this change signals an acceleration into our “better together” story, where we’ll continue to invest in new capabilities that will enable stronger, insights-based marketing, making it easier for marketers and data analysts to glean insights from customer data. Beginning September 1, 2023, customers who had the previous license for Marketing and/or Customer Insights will only see a product name change in the product; there will be no changes to the core product functionality due to the consolidation of the two products.
The new Customer Insights offers your organization flexibility to meet your business needs, with access to both the customer data platform (Customer Insights—Data) and real-time marketing with customer journey orchestration (Customer Insights—Journeys). The new pricing enables customers to unlock access to both applications and then buy the capacity they need. This gives you, our customers, the power of choice—where you can start with one or both applications and further invest in the capabilities that you’d like to scale. If you’re an existing customer of Microsoft Dynamics 365 Sales or Microsoft Dynamics 365 Customer Service, you can use Customer Insights as the foundation of your customer experience (CX) stack by achieving greater customer understanding and orchestrating contextual customer journeys across every touchpoint of the business.
Achieve greater personalization with Copilot in Dynamics 365 Customer Insights
With the Customer Insights customer data platform, you can gain a holistic view of your customers, anticipate needs, and discover growth opportunities. And with real-time marketing and journey orchestration, you can deliver personalized, in-the-moment customer-triggered engagements that are relevant and contextual. With Copilot in Customer Insights, you can save time by using natural language to create or enhance target segments. You can also nurture creativity by turning topics into suggested copy, helping marketers move from concept to completion faster.
With the power of Copilot in Dynamics 365 Customer Insights, included at no additional cost, your data analysts and marketers can be more productive and increase their focus on personalizing the customer journey.
Our latest investments in copilot capabilities include the ability to:
Get help with content development by providing a short list of key points, and tailor with a tone of voice that matches your brand and campaign. Utilize the generated content suggestions as-is or build upon them in email, social posts, and more.
Customer success with Dynamics 365 Customer Insights: Lynk & Co
Let’s take a look at an organization that is using Dynamics 365 Customer Insights today.
Lynk & Co is a Sweden-based company that is transforming the way people use cars by offering a simple and flexible experience where customers can choose to buy, borrow, or subscribe to a vehicle. With ambitions to disrupt the automobile industry and launch its business in seven markets in less than two years, Lynk & Co needed to quickly build an infrastructure that could support multi-channel customer engagement and drive highly personalized experiences. The company chose Microsoft Dynamics 365 for its out-of-the-box and customizable tools and the ability it provided to build in modules to create unique processes and prioritize specific customer experiences. Within 18 months, Lynk & Co was able to ramp up a significant digital presence in Belgium, France, Germany, Italy, Netherlands, Spain, and Sweden, as well as open social clubs designed to bring the company’s online brand to life through community-focused events.
The company uses Dynamics 365 Customer Insights to capture actionable customer data and link it with operational data within its cars. This is helping the company create seamless, highly personalized experiences for every customer from their first engagement to every time they use the app, drive a car, have service, or visit a club. It also makes it easy to support customers if they want to move from simply borrowing a car, to a monthly subscription, or to a car purchase.
With the customer journey orchestration features in Dynamics 365 Customer Insights, customers get personalized messaging and image content. Beyond that, the system sends right-timed information on specific-to-the-customer club event invitations. These events vary from country to country but have included everything from unplugged live music nights and art openings to meet-ups for running and cycling groups, community talks on social issues, or workshops on how to upcycle old sneakers.
Engagement data from these events feeds back into the platform to further personalize member experiences across all lines of business, across all communication channels—and helps Lynk & Co learn and iterate.
Learn more and get started today with Dynamics 365 Customer Insights
To learn more about Dynamics 365 Customer Insights, take the guided tour or start a free 30-day trial. If you have questions about the merging of Dynamics 365 Marketing and the previous Dynamics 365 Customer Insights, including pricing, please reference the FAQ on Microsoft Learn. If you missed Inspire 2023, you can watch the session by Emily He (Corporate Vice President, Business Applications Marketing), on demand, to see the announcements for Business Applications, including the latest innovations in Dynamics 365 Customer Insights.
The new Dynamics 365 Customer Insights
We’re bringing together Marketing and Customer Insights into one offer.
This article is contributed. See the original author and article here.
Introduction
Supply Chain Management lets you manage, track, and verify compliance with export control restrictions prior to confirming, picking, packing, shipping, and invoicing sales orders. The new advanced export control functionality allows you to manage your export control policies using a native Microsoft Dataverse solution that interfaces directly with your Supply Chain Management instance. Supply Chain Management then enforces compliance with international trade regulations by consulting your export-control policies in real time.
The export control dataverse solution allows you to keep track of the many different rules and policies, expressing these rules, including complex ones, using formulas similar to those in Microsoft excel. The fact that it is a dataverse-based solution also allows your other systems to access your export control rules thanks to the hundreds of connectors available for Dataverse.
The solution implements five primary concepts:
Jurisdictions
A jurisdiction is a set of codes, categories, restrictions, exceptions and licenses. It represents a set of configurations that apply to incoming requests. Like the US International Traffic in Arms Regulation (ITAR), US Export Administration Regulations (EAR) or EU Dual Use.
You can create as well your own jurisdiction for your companies internal policies.
Codes and categories
The codes that make up a jurisdiction are often referred to as Export Control Classification Numbers (ECCNs).
An example of an export control classification number is 7A994, which is defined by the United States Export Administration Regulations (US EAR) export control jurisdiction. This classification number applied to “Other navigation direction finding equipment, airborne communication equipment, all aircraft inertial navigation systems not controlled under 7A003 or 7A103, and other avionic equipment, including parts and components.” According to the US EAR, ECCN 7A994 is a part of the *Anti Terrorism (AT)* control category.
Restrictions
Each export control jurisdiction defined a set of restrictions under which export control actions should be disallowed unless an exception exists.
Exceptions
Exceptions allow an action even though a restriction would otherwise block it. Common types of exceptions include licenses, blanket exemptions, and corporate policies.
Exceptions are defined the same way as restrictions, but also provide extra requirements that apply when the exception is used, such as the need to display a message to the user o to print text and licenses on documents.
Licenses
Licenses are the specific permissions to be able to trade an item or set of items in a given context. It is common that the authorities are the ones providing the licenses.
Recent Comments