ProShop SAFE’s file management system

ProShop SAFE’s file management system

September 20, 2022

ProShop ERP

https://proshoperp.com/

The ProShop SAFE (Secure Access File Ecosystem) from ProShop ERP will be a secure, innovative cloud-based ERP file management system enabling companies to achieve multi-dimensional, roll/user based data security compliance to multiple standards such as NIST 800-171, CMMC, ITAR, HIPAA, SOC, GDPR and ISO-2700X. ProShop SAFE ensures only authorized users have access to specific files and folders managed through the unified credentials and authentication of their ProShop login. Combined with ProShop’s GovCloud hosting suite of features, ProShop SAFE limits a shop’s Controlled Unclassified Information (CUI) footprint and simplifies and economizes compliance efforts, as well as protecting other sensitive company and customer data. Future versions will streamline marking of CUI, CTI, FCI, etc.

Beyond facilitating achievement of CMMC and ITAR standards, ProShop SAFE also ensures an employee can’t accidentally delete or move critical information they are not authorized to act on. ProShop ERP is the only shop management ERP/MES/QMS software specifically designed for defense and aerospace CNC machining and manufacturing with these levels of security controls.

ProShop SAFE is a managed encrypted file store (end to end, and at rest) securely and seamlessly translating into the browser experience. User-definable File Access Security Groups (FASG) within the User Module of ProShop enable security administrators to define permissions of all folders and files within the file store, and provide read/write/execute, or forbid access, to any configuration of approved folders, subfolders, and files. When a ProShop login is authenticated via a user’s ProShop credentials and 2 Factor Authentication (2FA) if enabled, the files and images are immediately available and visible in the ProShop browser interface. The user can view and manipulate files with the secure cloud file store and in-memory of the device, without being downloaded to the user’s device. This limits the storage footprint of CUI information within a shop and makes it considerably simpler to achieve CMMC and ITAR requirements for control of CUI. When the ProShop session is closed, the file store is immediately removed and access to any files within it’s terminated.

In many ERP systems, files may be stored in a database requiring anything beyond simple viewing of a file in the browser must include downloading the file to the local device. That adds significant risk, cost, and complexity to the process of meeting CMMC Level 2 requirements. In ProShop SAFE files are stored in human readable and browsable file structures and are access-controlled across all folder hierarchies. ProShop SAFE even allows access to subfolders housed within upper-level folders without providing access to the upper-level folder itself. This level of control is essential for safe and effective management of files employees need to effectively perform their jobs.

A good example application of ProShop SAFE: A CNC setup machinist (and ITAR approved US Person) can log into ProShop on the factory floor using user-specific credentials and a 2FA key on a Windows-based device that may previously have had no access to ProShop SAFE files. As soon as ProShop authenticates the credentials, the ProShop SAFE file store is connected, and the setup person can browse only the specific folders and see the specific files permitted. The setup person may have read-access-only to the G-Code folder associated with the parts and work orders involved. The setup person can also view the approved inspection drawing directly within the browser and see the approved setup photos and videos stored within the part folder. ProShop SAFE also allows write access to the folder so new photos of the setup can be submitted for manufacturing engineering approval. When setup is complete, the file store is immediately removed when the setup person logs out of ProShop. When a CNC machine operator logs into the same device to run the job and new permissions are applied, there’s direct access to the G-Code files and folder and read-only access to photos of the setup within the ProShop interface. There is no write access to the file folder, to prevent deleting, moving, or editing any files within the folder. The least privilege security settings limit what the machine operator can see or do. As soon as the operator logs out of ProShop, the file store is disconnected, and files cannot be browsed or accessed by anyone on that device.

“A business that is out of compliance with data security standards can lose contracts,” says Paul Van Metre, president of ProShop USA. “Application of ProShop SAFE accelerates and simplifies fulfillment of a wide range of security requirements, avoiding possible loss of work while saving money and time.”