CAD Management Constants: File Security26 Oct, 2022 By: Robert Green
CAD Manager's Column: From accidental deletion to disaster preparedness, file security should be one of your top concerns.
In the 500th edition of the CAD Manager’s Newsletter I went over some constants — things that don’t change — in a CAD manager’s job. One of those key constants is the need to facilitate production and smooth workflow. Not surprising, right? But, what subtasks facilitate this discussion? Starting with this issue I’ll be writing about some of these CAD Management Constants, beginning with File Security.
In this edition of the CAD Manager’s Newsletter, we’ll explore the high-level file security tasks you must cover and I’ll suggest strategies for doing so. Here goes.
Image source: knowhowfootage/stock.adobe.com.
File Security is Job 1
Let’s start here: All the greatest CAD, BIM, or mechanical modelling software in the world means nothing if you lose — or lose control of — your files. File security may seem boring and old fashioned, but if you preside over the loss of project files, you’ll wish you’d paid more attention to it.
The good news is that file security doesn’t have to be a big burden so long as you have a proactive plan. Then, all you must do is follow the plan and perform periodic checks to be sure everything is on track and fix any problems immediately once they are detected. Simply put, plan the work, then work the plan.
The major areas you’ll need to address are:
- Stopping accidental deletion/overwrite
- Addressing cloud data risks
- Creating solid backups
Now let’s expand these topics into a series of action items that assure high file security. Your job now becomes attacking any areas where your current security protocols are deficient and fixing them.
Stop Accidental Deletion/Overwrite
The number one cause of file security problems I’ve experienced over the years is accidental deletion or overwriting of files. If you worry about nothing else, be sure to protect against file loss by considering the following:
Stop C drive hoarding. The surest way to lose files is to let users store large caches of data on their C drives. When users copy/move files from network/cloud drives to their own drives, the chance for many users to work on the same file and thus eventually overwrite files goes up exponentially. If someone violates the “no C drive” policy, put them on notice immediately!
Stop cloud hoarding. When users copy files to their own cloud data storage utility (think Dropbox or OneDrive) the chance of accidental deletion or overwrite is just as high as it is for the C drive case. Simply put, when users start copying files from your controlled network drives to their own personal devices, trouble will be with you soon. Consider unauthorized cloud storage violations in the same way you would a C drive storage violation.
Review network/cloud folder security. Most projects use a directory structure to manage files and some of those directory folders will contain files that are project standards (think blocks, families, standard parts, sub-models, etc.) that should never be deleted. The surest way to deal with these types of accidental deletions is to review your network/cloud security group structures to keep standards secure. As a side note: Don’t just make the standards folders delete protected but keep them non-writable if at all possible so nobody puts non-standard content into the folder in the first place.
While accidental deletion will never be 100% eliminated, it can be substantially minimized by ensuring the above procedures are in place. And, by stopping accidental deletion you’ll have fewer panic moments and won’t have to rely on your backups (which we’ll cover shortly) as much.
Address Cloud Data Risks
In most companies, network file/folder security (as reference above) is a well understood concept that IT departments can implement easily. But, in the rapidly evolving world of cloud data storage solutions like Box, Dropbox, OneDrive, etc., there is much work to be done to assure a company of proper file security. Before implementing any cloud-based file management systems, consider the following issues carefully:
Make sure you can centrally control the apps. If your company uses a cloud file storage system, you must be able to control permissions from a central administrative console. Allowing 50 users to maintain their own cloud accounts with no ability to backup or control access to those accounts will only lead to a total lack of security at some point in the future.
Consider employee turnover. If an employee leaves, how do you know that you have all the company data that employee worked on? How do you know you can lock/revoke the account as you would a company cell phone or network account?
Consider synchronization as a cause of data loss. If a user syncs a cloud storage folder to a network location and then deletes a file in their cloud folder, will the file disappear from your network folder? In many cases the answer to this scenario would be “yes,” if tools like OneDrive or Dropbox aren’t correctly controlled.
In summary, your company must think about cloud applications with the same sense of security, loss control, and legal liability that you would with any other company resource. Just because a cloud utility is cheap or free doesn’t mean that you don’t need to think about how it can damage your data.
Backups Are HUGE
Backups exist because, try as you might, you can’t always prevent accidental data loss. Backups are your fall-back defense and without them you can be decimated if hit by malware, viruses, or even malicious employee activity. Here is my standard CAD management backup protocol that I’ve used ever since I can remember:
Let IT do the basic incremental backups. Conducted by your IT department automatically — typically every evening. The purpose of this basic backup is to track daily changes to project files and create a disaster recovery platform that can restore most work files should a major server/building loss occur.
Do your own daily or weekly working backups. Conducted by you via some sort of automated backup process daily. These backups are designed to create a copy of working project directories as of yesterday’s end of work that can be accessed without having to go back to IT’s incremental backups. This backup is redundant and under your control — not IT’s.
Archival backups. Conducted by the CAD manager at key project milestones like submittals or release to manufacturing. These backups should be good enough to go back through the history of any given project and restore all models, drawings, data, PDFs, and other files that comprised the project at any given milestone.
Keep your backups local and remote. While your IT department may store backups off site or in a cloud account, your backups must be local to your own desktop. When a user deletes a file and needs it back immediately, you don’t want to wait 4 hours for IT to hopefully find it in their backups. My recommendation is to get a large, high speed portable disc drive (using a fast USB 3.0 or Thunderbolt interface) on your desktop and create your backups there. Ask yourself, “Do I really want to wait three days to pull an archive set back down from a cloud server to restore it?”
Backup the backups to the cloud. Your portable drive will take care of working project backups for project work way better than IT incremental backups, but what happens if you lose your backup drive? That’s why you should have an offsite backup, just in case.
Use IT backups as your backup. Think of your backup protocol as a means to protect against data loss in all but the most disastrous situations and you’ll be on the right track. This way, if a user deletes a key model or CAD file, you should be able to find it quickly. If the building burns down (taking your portable drive with it), then IT will deal with the disaster recovery.
It really does pay to think about keeping your own backups so you can respond to data loss promptly, without waiting for IT intervention. Once you get the process automated, you’ll never want to function without your own backups again.
As you navigate the daily technology barrage of new software and features, never lose sight of the fact that the only thing they produce are files and the security of those files is of paramount importance. I hope the strategies outlined will help you assess your risk profile and take corrective action if required.
In future editions of The CAD Manager’s Newsletter, I’ll address more CAD Management Constants like this one, so stay tuned. Until next time.