Paperless Parts Helps American Manufacturers Strengthen Security Posture with Launch of IT Module
April 18, 2023
Manufacturing quoting software company Paperless Parts helps job shops achieve CMMC compliance while protecting American intellectual property.
Paperless Parts, the leading estimating and quoting platform for job shops and contract manufacturers, today announced it has released platform capabilities designed to bring new levels of control and security to the U.S. manufacturing supply chain. The Paperless Parts IT Module puts the necessary systems and IT controls in place to ensure that sensitive data, especially Controlled Unclassified Information (CUI), is handled appropriately throughout the quoting process.
“The U.S. invests more than $100 billion dollars into defense research and development annually. In the private sector, companies spend billions each year developing their intellectual property. Protecting the IP of these organizations is a matter of national security, and maintaining American competitiveness on a global scale,” said Scott Sawyer, Paperless Parts Co-Founder & Chief Technology Officer. “As critical national infrastructure, manufacturing is a major target for cybercrime; the average cost of a breach in the U.S. is $9.44 million: the highest of any country in the world. We want to arm our customers with the tools they need to ensure that the data they are entrusted with is as secure as possible.”
Organizations that are dealing with sensitive intellectual property are increasingly embracing the “principle of least privilege,” limiting who within shops can view, download, or edit files. Manufacturers that are designing and building parts for the U.S. Department of Defense (DOD), in particular, are required to adhere to strict security standards, including multi-factor authentication, tight access control, and detailed audit capabilities. Anticipated to begin as early as May 2023, these businesses will need to undergo a third-party audit testifying to their compliance with the standards outlined in the Cybersecurity Maturity Model Certification (CMMC) 2.0. Compliance with CMMC is an exhaustive and time-consuming process, and shops need to ensure that all of their security and IT control processes are documented and that the right systems are in place.
Paperless Parts is an ITAR-registered platform that is hosted on Amazon GovCloud (the same servers used by the DOD), and leverages in-transit data encryption using TLS v1.2 with modern ciphers, at-rest data encryption using AES-256, 100% US-based system administrators and support team, a System Security Plan based on the FedRAMP Moderate baseline (NIST 800-53), nightly data back-ups, and more.
The Paperless Parts IT Module provides an additional layer of security control for larger shops that require enhanced visibility and access rights management, or any shop that is bidding on projects for the DOD. With the IT Module, users will now be able to:
- Utilize Single Sign-On (SSO) to centralize login and session management via leading third-party identity providers such as Microsoft Azure Active Directory, Okta, and OneLogin.
- Restrict the ability of users to access CUI based on individual intelligent permissions or type of role so that CUI can only be viewed, downloaded, or shared by authorized users. Permissions are enforced at the User Interface, API, and database level.
- Flag files that contain CUI data so that access is limited to designated users and restrict which users have permission to set or remove CUI flags.
- Track who is accessing CUI and create audit reports by downloading an audit log of all access to or modification of data that could potentially contain CUI.
One Paperless Parts customer, Midway Swiss Turn, Inc.’s CEO Jayme Rahz, is preparing her shop for its CMMC audit later this year: “Protecting our customers’ data is critical to national security, and we take that commitment very seriously,” says Rahz. “Paperless Parts has been a trusted and valuable partner in our journey to strengthen our security posture and ensure that our customers’ data is always protected.”
Paperless Parts will be demonstrating the IT Module this week at the Precision Machining Technology Show (PMTS) in Cleveland, OH April 18–20 at booth #1074. To learn more about Paperless Parts, visit their website today.
About Paperless Parts
Paperless Parts understands the critical importance of cybersecurity in today’s digital age. Their innovative quoting and estimating solutions are designed to help job shop manufacturers unlock hidden insights and modernize their businesses while maintaining the highest levels of security. Paperless Parts customers can rest assured that they not only own their data, but that their data is secure. From small local businesses to large enterprise organizations, Paperless Parts users are primed to quote faster and more accurately to continually grow revenue, all with the peace of mind that comes with best-in-class cybersecurity.