Privacy and Security on the 3DEXPERIENCE Platform

Aug 22, 2022 | 3DEXPERIENCE | 0 comments

In the digital world we all live in, security of our data is more important now than ever before. This includes our business data and intellectual property which is the life blood of a company. While evaluating systems in which to hold your data, security needs to be kept in the forefront and the 3DExperience platform is no different.

Dassault Systèmes and the developers of the 3DExperience platform follow many industry standards and best practices while making the cloud software. The general guidelines and methodologies that the team adheres to are as follows:

• ISO 2700x standards, and in particular Implementation Guide ISO 27002

NIST 800 series

• Open Web Application Security Project (OWASP) methodologies

• CobIT framework

Now, let’s look at the specific layers of security applied to the 3DExperience platform.

Layers of 3DX security in depth

Physical Security

The 3DExperience platform has its data stored in several nondescript physical datacenters around the world. Access is limited to authorized staff, contractors and visitors are escorted at all times and physical access to the data centers is logged and audited. Finally, the physical storage is secured via redundant disks with disaster recovery, backup and restore procedures.

Virtual Systems Security

On the physical machines in the datacenter, several virtualized systems are created in which the data and applications are hosted. These systems are scrutinized, from a security standpoint, prior to being released into production. Beyond standard security activities such as system patches and services review, Dassault Systèmes runs random attack-like scenarios to test the integrity of the system as well as the reactivity of the operational response teams.

In-Cloud Security

While inside the Dassault Systèmes cloud, there are several layers of security solutions. Beyond firewalls to restrict traffic, each client works on instances that are separated from other systems. This approach protects against cross-customer data access, which is also hardcoded at the application level. This separation inside the cloud environment mitigates classical risks of network attacks, in particular sniffing and IP spoofing is not feasible by design.

Application – Level Security

Security awareness and controls are designed into the development and verification process of the applications on the 3DExperience platform. The code is double-peer reviewed, both internally and externally with special emphasis on the top OWASP threats. An additional protection check is performed on the application ecosystem where a cyclic penetration testing exercise is performed. Lastly, a continuous scanning process is in place to monitor various modules of the application.

Internet Security

The final security measure that is in place is how the end user interacts with the platform over the internet and what data is exchanged between the user and the platform. Incoming internet traffic to the platform is filtered by independent mechanisms ensuring reliability and lack of vulnerability. To ensure the confidentiality and integrity of the data being transferred to and from the platform, secured communication channels can be used, where applicable.

After reading this blog, hopefully you have a better understanding of the security measures that are in place on the 3DExperience platform and its applications. This multi-layer security approach makes the 3DExperience platform as robust as can be in cloud software today.

Learn more about the platform here.