How to prevent files from opening on "Unauthorized" computers

I've researched around quite a bit, with no luck. What I need in a nutshell is a way to protect my company's intellectual property. Some AutoCAD drawings walked out the door with a disgruntled employee, and we're now seeing proof that they've been handed over to our competitor. I'm under orders to figure out ways to prevent this from happening again.

I need for select files to be accessible only from company computers. In other words, the file may wind up copied to a flash drive, or emailed, but without authorization being given, the receiving computer can't do anything with it. I understand that even that is not a perfect solution; a determined thief will simply take screenshots of what he wants before giving his notice, or whatever. That, however, will have limits. One of our larger machines involves hundreds of drawings. It would be quite an endeavor to screencap all of that.

Okay, background: We're a Windows house, ~40 users, mostly now on Win7, though a few stations still running XP. Server to be used is 2008R2. I've played around with BitLocker, but now see that it won't stop a thief from copying. (I believe it decrypts the file as you copy it off to another disk) Here's the hard part: A few of our users do need to be able to take files with them on their laptops, and they still need to be protected. If that wasn't the case, I could do much of what I need with sharing setup and group policies on the server.

I've also looked into CADVault. It has its uses, but also doesn't appear to be set up to stop a disgruntled employee.

Any thoughts? I'd be willing to consider 3rd party software solutions, or even hardware if it wasn't terribly expensive. I'm trying to find out more about Check Point, but I think that they may be overkill for what we need.

Rayfield

Posted 2012-08-22T19:56:54.820

Reputation: 21

8Ah, the DRM problem. Good luck! – Matt Ball – 2012-08-22T20:01:26.197

1Sounds like you need to seek an Attorney sounds like a lawsuit especially if you can prove intellectual property rights – DJ KRAZE – 2012-08-22T20:06:12.573

We're investigating the legal side..it gets tricky. We can visibly see that their machine is a carbon copy of ours, but the process of proving that they have our docs in-house could be lengthy and expensive. Thanks for the look! – None – 2012-08-22T20:49:37.243

5This is simply not possible. If they can read it, they can copy it. – Luke – 2012-08-22T20:54:22.450

1You won't be able to stop it, but perhaps you could add watermarks such that it's easier to prove a design was copied, just as map makers sometimes include fictional streets. – Adrian McCarthy – 2012-08-22T23:34:13.480

You can lock a DWG with a password but I have not heard of locking it to specific hardware. All I can think of is using xrefs inside the drawing that are only accessible from an AutoCAD app. Even then there is probably a way to copy-paste the xref items into a new drawing and steal it. – CAD bloke – 2012-09-05T11:19:01.283

Answers

You seek a technical solution to a non-technical problem. The real solution is to hire people who can be trusted.

Having said that, if someone can read the data then (s)he can copy it. The only way I see to solve this is to write your own program which does additional checks. (Basically, spent a a lot of money and time to write your own autoCAD). While that can be done it just isn't practical. And then make sure noone can install of copy the program.

(If it was easy Hollywood would have done this a long time ago with movies.)

Hennes

Posted 2012-08-22T19:56:54.820

Reputation: 60 739

There are ways of stopping your drawings from being used outside your company, but very little you can do against someone inside your company. Like @Luke said, if you can read it, you can copy it.

Bear in mind that implementing company procedures to prevent staff from committing an offence which trustworthy staff wouldn't ever commit has it's risks. You are implicitly telling your staff that you don't trust them, not a good move...

The best solution I see is to embed copyright information into your drawings so that you can prove in court that the drawings were copied.

Watermarks are obvious, and people can still copy everything but the watermark into a new drawing.

However, you could embed the company name/copyright information in xdata . You can attach xdata to any object (proprietary blocks etc...), so that if anyone copies parts of your drawings into a new dwg, you can still trace it so long as they don't strip the xdata off.

Assuming you keep this top secret, it's pretty unlikely that disgruntled staff and other vile IP thieves will think to check for xdata. You'd just need an independent AutoCAD expert to prove in court that the objects in someone else's dwg do indeed have your xdata and therefore did originate from within your company.

AndyHasIt

Posted 2012-08-22T19:56:54.820

Reputation: 111

2If you ATTSYNC blocks with attributes then it strips the xdata from the block. You need to make sure you attach it to something more inert. – CAD bloke – 2012-09-05T11:20:07.540

+1 for adding useful info, I didn't know that one. I take it you can still attach xdata to items nested inside the block without it being stripped by ATTSYNC? – AndyHasIt – 2012-09-05T14:35:54.410

Nup. It breaks. From http://docs.autodesk.com/ACD/2010/ENU/AutoCAD%202010%20User%20Documentation/index.html?url=WS1a9193826455f5ffa23ce210c4a30acaf-512c.htm,topicNumber=d0e199454 .. "Warning ATTSYNC removes any format or property changes made with the ATTEDIT or EATTEDIT commands. It also deletes any extended data associated with the block..."

– CAD bloke – 2012-09-06T02:15:15.370

-1

You could write a simple program that would mix the data bits inside the file. Open the file as a binary file and simply change the order of the bits. Make this program do it both ways (mix and unmix the data) Creat a rountine in your server to run this program everyday on the wanted files and put a copy of the program on every computer that needs to see the files. Before opening the file the guy wold have to unmix the bits so the cad program can understand the file. In other words you wold be encrypting them. Make this program run on the background so the user does not know its running. i dont know, it could be a light for you...

Vitor Miranda

Posted 2012-08-22T19:56:54.820

Reputation: 1