PROSTEP | Newsletter

Ad Hoc Yet Secure Data Exchange Via E-mail

an interview with Rolf-Günter Arnz

Exchanging data spontaneously but at the same time securely would appear to be a contradiction in terms. The automotive supplier Edscha manages this balancing act thanks to integration of the data exchange solution OpenDXM GlobalX in Outlook. This allows not only CAD data but also other sensitive documents to be exchanged via e-mail in a way that meets security requirements.

Unlike with other major automotive suppliers, a lot of car owners are not familiar with the name Edscha, even though they are certain to find a number of Edscha products in their cars. For example, door hinges and door stays, the handbrake or the electrically-operated tailgate that can be opened and closed at the press of a button. The company, which forms part of the Spanish Gestamp Group since 2010, has become an indispensable partner to the automotive industry. "I would have a hard time naming an OEM that we don't supply with parts or haven't supplied in the past, " says Rolf-Günter Arnz, CAE project manager and the person responsible for IT security at Edscha.

Edscha Holding GmbH is headquartered in Remscheid, Germany and has a workforce of approximately 5,200 employees at 21 locations in 14 countries who generated 836 million euros in revenues in 2015. The products are developed at eight sites in what are often cross-site development projects. This means that in the early phase of a project in particular – a phase in which the CAD data has not yet been checked into the PLM system – the data also needs to be exchanged between the sites. Edscha uses SAP PLM as the enterprise-wide data backbone.

The company has been trying for several years to standardize its products and components to a greater extent with the aim of reducing the amount of time and effort spent on developing and manufacturing customer-specific configurations. The product models, however, have to be delivered in the CAD format used by the respective customer, which complicates standardization. Like many other automotive suppliers, Edscha has a heterogeneous CAD landscape: The design engineers use the programs CATIA V5 and NX, which are connected to the PLM system via the CATIA Direct Interface (CDI) or the SAP Engineering Control Center (ECTR).

Many partners have no suitable data transfer solution

Edscha has been using PROSTEP's data exchange solution OpenDXM for many years to exchange CAD data with OEMs and suppliers, who for example manufacture cast, forged or sheet metal parts for hinges and the tools needed to do this. But the problem was that many of the smaller partners did not have a data transfer solution that supported the exchange of CAD data via OFTP or ENGDAT. It was impossible to exchange data with these partners using a logged, secure and encrypted process. The provision of data within the company via FTP server also no longer satisfied current data security requirements. "Another reason for the search for a more flexible solution was the fact that non-engineering departments sometimes had to exchange files that exceeded the limit permitted for e-mail attachments and made do with cloud services from third-party providers," says Arnz.

Edscha decided to replace the existing data exchange solution with OpenDXM GlobalX in order to stem the uncontrolled and unregulated exchange of data. PROSTEP's web-based data exchange platform supports conventional OFTP-based data exchange and also allows data to be made available in encrypted form via the Internet. This meant, on the one hand, that Edscha was able to meet the new requirements and, on the other, incorporate the existing data exchange processes, with ENGDAT packaging and OFTP logging for recipients that do not expect data to be made available via the portal, in one environment.

In technical terms, migration to the new solution was not that difficult. What needed the most time and effort was cleaning up the database of existing exchange partners with its more than 3,000 profiles, many of which were no longer even relevant. During the cleanup, the number of partners was reduced to 700 and given a more granular structure to take account of the different exchange processes. The system administrators created a total of eight different templates for internal and external exchange relationships, with and without postprocessing, which made creating new partners much easier. The templates are also the prerequisite for ad hoc data exchange using OpenDXM GlobalX's Outlook integration.

Definition of ad hoc relationships

The Outlook integration allows data to be sent to partners securely via e-mail and encrypted data to be received from these partners without first having to set up a partner connection. The data is not in fact actually sent as an e-mail attachment, instead it is made available for downloading in the demilitarized zone (DMZ) of the OpenDXM GlobalX server using secure data lines with secure encryption. The exchange partner merely receives an e-mail message telling him that data has been made available and that he can log on to the server using his password and download the data. The first time that contact is made, an e-mail informing the partner that an account has been set up is sent. This is followed by a second e-mail containing a link for assigning a password. The software creates a corresponding partner profile in the background.

At Edscha, the profiles for ad hoc partners are currently valid for 14 days and can also be used to upload partner data securely. This is important because the data is often sent back and forth between Edscha and suppliers a number of times times during the coordination phase. After 14 days, the ad hoc profiles are automatically deactivated but not deleted, this has the advantage of allowing them to be reactivated again quickly if a supplier becomes a long-term partner.

A major advantage of the Outlook integration is the fact that large files can also be sent from the e-mail program, or rather, be made available. The software makes it possible to specify which size files and which formats have to be automatically routed via the data exchange platform to ensure compliance with the rules for secure data exchange, even if the user is not familiar with the rules. The employees at Edscha have been made aware of the data security issue, says Arnz, and because he is the person responsible for IT security, they nowadays let him know if suppliers are sending them data in normal e-mails.

Compliance with security regulations

Thanks to be ability to exchange data ad hoc, the level of acceptance of OpenDXM GlobalX is very high, both among the company's own employees and its partners. This is reflected for example by the fact that the number of exchange partners in the database has increased to almost 1,000. Arnz estimates that approximately 20% of these are Edscha employees from non-engineering departments. In terms of volume, the largest amount of data exchanged is of course CAD data, even though the CAD models for Edscha products are not very big and OEMs today no longer send installation spaces that are as big as they were just a few years ago.

OpenDXM GlobalX is installed at Edscha as a standalone solution without PLM integration – a conscious decision made to avoid all the project team members sending data directly from SAP PLM. Engineers can use the SAP start interface to gather the assemblies that they want to send and prepare them for transfer via Outlook or the OpenDXM GlobalX web interface. Incoming data is stored in a group webspace so that colleagues can also access the data should the actual recipient become ill or be absent for some other reason. All data exchange operations are carefully logged, something that is extremely important: "It often happens that previous data exchange operations have to be verified," says Arnz.

The main benefit of the data exchange solution is the fact that Edscha can now meet customers' data security requirements more easily because now even partners that do not have an ENGDAT or OFTP connection are connected. "Data security has improved significantly," concludes the person responsible for IT security.