Running a business -- whether it's a one-person auto repair shop or a multibillion dollar aircraft manufacturing company -- has always involved a certain amount of risk. In recent years, however, the steady shift to what is now a global economy has pushed the risk quotient associated with running a business to elevated levels.
For manufacturing companies, this new globalized economy requires managing extended supply chains in which outside partners and suppliers perform critical functions, from product design to manufacturing and even post-sales product support, across various points around the world.
Manufacturers are increasingly turning to outsourcing and off-shoring for one simple reason: it makes financial sense. But those economic benefits can dissipate rapidly, if not completely disappear, if a company doesn't have a sound strategy for managing critical supply chain risk.
In the current economy, the possibility of having intellectual property (IP) stolen or otherwise comprised is among the greatest -- and potentially most harmful -- risks manufacturers face. It's also a risk that far too many manufacturers are ill-prepared to manage. IP is typically lost or compromised in one of two ways:
- Outright theft by an unscrupulous party; or
- A phenomenon often referred to as "leakage," which is unintentional disclosure that occurs in the course of sharing information with individuals from various departments within the company or with outside supply chain partners.
Regardless of how the loss of IP occurs, it can have a devastating impact on the corporate bottom line. IP theft often results in counterfeit versions of a company's products being manufactured and sold on the black market. Using pilfered design data, unprincipled individuals are making products that resemble authentic items -- many of them bearing the original manufacturer's logo -- to unsuspecting customers.
In the defense industry alone, the number of known counterfeit electronic products more than doubled from 2005 to 2008 according to a U.S. Commerce Department report released in January 2010.
Aerospace and defense (A&D) manufacturers, particularly the prime contractors in this sector, face a special set of risks when it comes to protecting IP. The increasing pressure to reduce both the time and costs associated with developing complex products such as aircraft and weapons systems has forced prime contractors to place more responsibility for designing and integrating major subsystems in the hands of their Tier 1 and Tier 2 suppliers. That means these suppliers now have access to these contractors' most valuable data, and that data must not be allowed to leak into competitors' hands. This is no small task given the fact that a Tier 1 supplier on one A&D program could very well be a competitor on another program.
National security considerations also must be top of mind for A&D manufacturers when it comes to the handling of IP, with governments across the globe wanting to keep their military secrets from falling into enemy hands. The need to comply with national security protocols is obvious when the data in question pertains to products made specifically for military use, but these protocols must also be honored for "dual-use" components or materials that can be used in both consumer goods and military products.
Companies that violate national security regulations related to the disclosure of IP are subject to both civil and criminal penalties.
Let's look at it from the perspective of a large OEM who is the prime contractor on an aerospace and defense program. As the prime contractor, the OEM will typically engage with a number Tier 1 suppliers to handle major aspects of the program. These engagements require the OEM to share detailed information about its products with its Tier 1 suppliers -- some of whom might be competitors on other programs. The OEM must have a way of keeping detailed records on all of its IP to ensure that only the information necessary to fulfill the current contract -- and nothing else -- is passed to the Tier 1 suppliers. And the need for protecting IP, like the supply chain, doesn't stop at this level.
The Tier 1 suppliers have their own network of subcontractors with whom they must share sensitive product information, and the process continues until ultimately the OEM finds itself needing to keep track of information that's traveling across a far flung network of contractors and suppliers spread out all over the globe. Each time information moves down a level in the supply chain, the potential for IP theft or leakage grows, but the OEM's responsibility for protecting its own IP never diminishes.
Currently, most companies attempting to protect IP are taking one of two approaches:
- Manual, ad-hoc processes in which a small group of people in a document control department are assigned to track the usage and movement of data in much the same way books are checked out of and back into a library; or
- IT-based processes that call for segregating data into multiple systems -- often by location -- and only giving certain individuals access to those systems.
Both approaches have major shortcomings. The first one offers no real IP protection, since manual processes are easily circumvented. The second approach, in effect, puts the company's IT staff in charge of controlling access to IP, rather than the people who actually use it, which increases the difficulty of accessing information when needed, inhibits collaboration between program stakeholders and leads to unnecessary IT costs.
Fortunately for manufacturers, another approach is now available -- one that makes it easy to strike the right balance between the increasing need for seamless supply chain collaboration and the ongoing requirement for maintaining tight controls on IP.
This approach centers around the deployment of a next-generation product lifecycle management (PLM) software platform that can federate data from multiple systems across an extended global supply chain, in effect creating a central repository for all data associated with a particular project or program regardless of where -- or on what system -- the data was created. A PLM platform supports the twin goals of streamlining product development and protecting IP. PLM is increasingly relied on as the primary platform for sharing product design data with everyone involved in building, selling and servicing products.
With this type of system place, all requests for access to IP -- no matter where they originate within the supply chain -- are managed by this single system, which can determine in real time whether an individual is authorized to access the information they seek based on its credentials and physical location. Multinational project teams can collaborate effectively while obeying the export control regulations (such as ITAR and EAR), commercial IP laws and security protocols of all countries involved.
The risk of having IP stolen or compromised is a huge issue for manufacturers, but one that can be managed with proper diligence from an organizational and technology standpoint. With the right processes and systems in place, manufacturers can meet the challenges of doing business in the 21st century without fear of having their most valuable assets, the ideas that eventually become profitable products, stolen or devalued.
Alexis Balloy is Director, Aerospace & Defense Industry for Dassault Systmes.