Many High-Tech Manufacturers Taking Major Security Risks

Many high-technology manufacturers are knowingly putting their intellectual property at risk by collaborating with partners and suppliers with communication tools that they don’t consider secure, according to a survey Microsoft commissioned.

The survey of high-tech manufacturers found many now using Web-based e-mail and instant messaging platforms designed for personal use to carry out business communications, even though many of them believe those channels are not secure.

More than three-fourths of key decision makers such as supply chain directors, chief intelligence officers and IT managers say they’d used at least one public communications tool to collaborate with partners, according to the survey, dubbed the “Microsoft Collaboration in High-Tech Manufacturing Survey 2007.”

Conducted by KRC Research, the survey found that often, proprietary information such as product plans, technical data and other proprietary information were sent using those tools.

“Our hope is that this survey shines a light on a problem that has been plaguing the industry for years,” said Tyler Bryson, general manager of the U.S. manufacturing industry group at Microsoft. “The use of non-secure communications tools is staggering, and high-tech firms are struggling to find ways to communicate with value chain partners more quickly and effectively, without compromising valuable intellectual property and other sensitive data.”

Going Public

Despite the widespread use of such tools, only 27 percent of so-called business decision makers and 37 percent of technology decision makers believe their communications and collaborations tools are “definitely secure.” Most also expressed concern about other members of their organizations using the tools to share information outside the company.

Many businesses have tackled the problem by restricting access to sensitive documents, Microsoft said, and two-thirds of business decision makers and nearly three-fourths of technology decision makers believe the ability to encrypt e-mail or instant messages is important to securing intellectual property.

The survey also found widespread use of non-corporate messaging tools such as Web-based e-mail and Web-based fax services. Half of those surveyed said they or their employees likely used those public tools to share sensitive data such as contracts or legal agreements.

The survey data was based on interviews with 200 key decision makers at tech manufacturers with at least US$150 million in revenue and 500 or more employees, Microsoft said.

Solutions Ahead?

One of the reasons for the lack of secure communications is that many employees have been forced to implement their own solutions for sharing information beyond the corporate firewall, Gartner analyst John Pescatore told the E-Commerce Times.

“Enterprises think they’re doing the right thing by restricting what information can flow outside the network, but employees often source their own solutions as a result and those may be less secure,” he said.

Microsoft is obviously laying the foundation for its growing family of collaboration products and while interoperability is more widespread now than in the past, true compatibility across platforms remains a hurdle, he added.

By highlighting how prevalent the use of public options is among high-tech manufacturers, Microsoft is underscoring the threat to intellectual property — a different type of security issue than concerns about network attacks or virus infections.

“For high-tech companies, intellectual property is their future lifeblood, and any risk to that has to be taken seriously,” Forrester Research messaging security analyst Kyle McNabb told the E-Commerce Times.

At the same time, such manufacturers are increasingly dependent on a growing network of partners — suppliers, contract manufacturers, logistics and design firms — to get their products to market. Increasingly, many of those partners are located overseas, including in areas where piracy and intellectual property theft runs high compared to the U.S. “A lot of vendors have focused on collaboration,” McNabb added. “Being able to extend that securely to partners and suppliers could have real power.”