Exchanging files with security and confidentiality

Companies need a secure solution to exchange confidential technical files.

When surveyed about the number one requirement for the exchange of their technical files, 64.4% of respondents cited security in the exchange of data, followed by the ability to exchange large volumes of data (56.8%) and a fast and convenient way to transfer data (54.5%) These are the results of a PROCAD survey (in German). Both email and FTP-based file transfer have individual weaknesses in at least one of the mentioned requirements categories.

There are multiple aspects to the secure and confidential exchange of documents. Not only does the transmission path need to be secure, there also need to be mechanisms in place that ensure that only authorized users can access the data. Access logs must be kept to ensure traceability. This transforms the uncontrolled transfer of data into a controlled exchange that also meets compliance guidelines.

A professional platform should also allow companies two choose between a cloud deployment and a private cloud/on-premise solution hosted on their own servers. An SSL/TLS encryption protocol is in place to ensure encrypted data transfer and authentication of servers and clients. Furthermore, the symmetric encryption procedure AES-256 allows for the decryption and encryption of passwords using randomly generated values and complex hash algorithms.


Authentication and access authorizations tailored to the individual user

First of all, the authentication data and user passwords need to satisfy the zero knowledge principle. This principle ensures that no one other than the client can access the data, not even the administrators of the service provider. Professional file exchange platforms designed specifically for technical companies also include capabilities to customize access rights and adapt user roles to different project rooms. The digital rights management (DRM) concept not only minimizes administrative hassles, but also creates a secure basis for confidential collaboration in cross-company projects.

Sophisticated capabilities to manage access rights ensure confidentiality and security in the communication with suppliers, customers, partners, and service providers. What’s more, companies meet their internal compliance guidelines. Granular access rights can be granted to allow multiple companies to view or edit different documents. Companies should only be able to see the documents intended for them, but not those uploaded by their competitors, for example, to submit their tender for an assembly. Additional security aspects include comprehensive activity logging (who did what and when with the files) and the assignment of validity periods for business-critical documents and files.

This is simply not possible with traditional solutions like email and FTP or generic platforms. The virtual project rooms in PROOM help technical companies fully comply with market standards for security for the secure and convenient transfer of confidential documents.

* Source for the Bitkom survey:  Industrie.4.0 Magazin, newsletter 15-2017

Secure file exchange with PROOM. Try it now.