Secure Collaboration in A&D

Is your shared working environment effective for secure collaboration?

April 6th, 2009 | Secure Collaboration in A&D | Posted by Richard Prince

Collaboration within the extended enterprise and across the value chain has transformed the way weapons systems and A&D products are developed, manufactured and sustained.  Yet, the impetus behind collaboration accelerated so quickly that many organizations adopted inefficient and inferior methodologies to traverse distributed environments.  While they achieved some success, they also significantly increased the risk of inadvertent or incorrect transfer of business IP.

In many cases, these methodologies relied upon Shared Working Environments (SWEs) such as File Servers and Public Folders as the application/technology for collaboration.  While this provided a mechanism for personnel to post content which could be accessed by teams or groups, the environment lacked a controlled collaboration process.  Controlled collaboration entails business processes and best-of-breed technology solutions which provide an electronic audit trail of activities (who accessed data, what data was accessed and what form of access (content, meta data, etc.), when did it happen and what was the context for the collaboration (program, project, product, etc.).

During the first week of this discussion, we encourage your input regarding your experiences using SWEs.  In essence, we want the good, the bad and the ugly regarding your experience using these types of environments.

Here are some questions to kick off what I hope will be a lively discussion:

• How are SWEs used in your organization and how successful are they?
• Typically, what are the different forms of SWE collaboration within A&D organizations?
• Which ad hoc and uncontrolled collaboration methodologies have you encountered and why they represent business risk?
• How has the lack of controlled collaboration adversely affected program and project performance?
• How significant is the risk of inadvertent IP or technology disclosure in your daily working environment?

Please comment on what is driving your organization to address uncontrolled and ad hoc collaboration as manifested in SWEs.

Permalink | April 6th, 2009

Comments

1. rprince Says:
   April 9th, 2009 at 8:48 am

   Many A&D organizations face the daunting task of securing intellectual property and maintaining compliance with ITAR and export control requirements. The goal of this blog is to generate some dialog where customers can identify the nature and root causes of the inefficiencies and problems they have encountered when managing and controlling access to information. The discussion is solely focused on sharing experiences, lessons learned and best practices relating to secure collaboration.
   Working within the A&D industry for an Avionics OEM, I encountered problems where file servers were used to store content and share the data with a team of personnel relating to a project. The content naming and revisioning schemes were non-standard and inconsistent. The organization of content and folders across different file servers was inconsistent and fragmented. The lack of consistency and standardization made search, retrieval and re-use of content difficult and confusing. Furthermore, data stored on the file server was universally available to all users. As such, there was no mechanism to segregate content and manage access according to groups or individuals.
   A best practice which we adopted related to the organization of business process owners across different design disciplines such as Project Management, Systems Engineering, Hardware Engineering, etc.. Within the Project Management Process team, they defined a standard set of rules regarding the folder structure of content for all Projects. This also included the use of specific document templates and naming conventions such that data was organized consistently, named consistently and formatted in a common way. They also defined a standard document management application as the sole technology to use for storing project data and content. The document management system had core capabilities for managing access at the organizational, project, team, or user level. It also provided the granularity to control access at the content (document, part, CAD model) level. The system also provided basic configuration management functionality which provided a standard methodology to revise content.
   Are these experiences relevant to your working processes and paradigms? Have you encountered different problems or different variations of these problems? The goal is to share your viewpoint such that other organizations and peers can learn from your experiences and derive value.

Leave a Reply

You must be logged in to post a comment.