Teradici Blog

How the AEC Industry Can Combat Security Threats in Digital Workspaces

Written by HP Teradici | October 3, 2022

 

Businesses within the AEC industry – architecture, engineering, and construction – have adapted the way they work over the course of the last few years. AEC workspaces have become more flexible and no longer rely solely on on-premises workstations. Employees complete designs, analysis and construction projects while working from home, off-site, at a client or vendor’s office, and anywhere in between. 

Though changes to the way people work can be disruptive, with the right technology, these disruptions can be minimal. Employees can keep working the way they’re used to despite changes in location. 

But while users in AEC spaces can continue to work seamlessly from virtually anywhere, IT teams are impacted in one crucial way—monitoring cybersecurity threats. 

A panel on AEC entitled Drive the Agility and Productivity of your Architecture Business in the Age of Hybrid Work discussed security and more. In the first of a three-part series, we share highlights from the webinar about maintaining security in hybrid AEC environments.

Understanding AEC user needs

A priority for IT teams in AEC firms is to maintain security protocols for on-premises servers. But when employees use personal endpoint devices to connect to the cloud, and those devices are on the move, the burden on IT to ensure data and applications are secure increases. 

But while IT focuses on security, AEC professionals have different demands. AEC use cases rely on a host of technologies and applications to complete projects. This software is graphics-intensive, with high compute needs, sometimes on the go, especially when architects or general contractors are on location. For AEC professionals, it’s important to achieve the best lossless and color-accurate quality while real-time ray tracing on applications like AutoCAD, BIM, and Revit from anywhere. 

Additionally, AEC businesses work with high-profile clients on major building, infrastructure and industrial projects—hotels, condos, schools, civil engineering, government projects, and military projects. These designs and constructions constitute the intellectual property (IP) for both the AEC team and the client—losing this IP is not an option for anyone involved. IT teams are tasked with ensuring that AEC professionals can access the best design quality on their workstations, while maintaining the highest security standards so no IP is lost. 

Within the construction field, there is an added strain on security protocols due to the number of organizations accessing data for a project. The more external parties that access data, remoting-in to on-premises workstations or through the cloud, the more the data is at risk of being exposed to cyber-attacks. 

Another third-party group that is involved in AEC communities are temporary workers who are brought on board to fill roles for specific projects. They sometimes number in the hundreds depending on the size of the project, putting a huge strain on IT to ensure that these contingent workers only have access to business information related to the project and nothing more.  

Additionally, temporary workers also often work with multiple clients at the same time, which can compromise data security and IP, even if the workers are careful. 

With so many demands from multiple users, IT in AEC firms can often find itself torn between users’ requirements and the company’s security priorities.

AEC security requirements in a digital world

If temporary workers or even AEC professionals save files and assets to their local systems, the chances of cross-contamination between projects becomes high. The security risk of accidentally sharing files from one client to another can also increase.  

Security has also become a larger concern for AEC IT teams as firms have begun to investigate and deploy virtual desktop infrastructure and digital workspaces. This move was necessitated by the pandemic but has become the norm for firms adapting to a hybrid environment. 

The cloud is more accessible when architects are creating a digital twin or generative design of a building for analysis. Digital twin files, and most 3D files, tend to be large and can’t easily be exchanged with colleagues or clients via email. Nor is it likely that everyone involved in the project will be in the same physical space to view the design on a single workstation. 

A digital workspace where all designs are saved can be read and interacted with through remote access software. 

Keeping AEC data safe through HP Anyware digital workspaces

AEC firms have used VPNs (virtual private networks) for some time now. While they do afford a fair amount of security, VPNs have slowly been falling out of favor. During a hybrid workspace security survey we conducted, we learned that VPNs are prone to disconnecting and slow performance. Even if the VPN drops for a short period of time, it could open the endpoint device to security attacks. 

HP Anyware, formerly Teradici CAS, is a digital workspace solution based on PC-over-IP (PCoIP®) technology and includes AES-256 security encryption. The PCoIP remote display protocol keeps business information safe. Data is transmitted solely as fully encrypted image pixels, not raw data. 

Essentially, HP Anywhere always keeps business information in the data center, whether it’s on a cloud or on-prem servers. Data is never stored directly on a vulnerable endpoint. Thus, IP remains secure no matter when and where employees or clients are accessing their VDI. 

HP Anyware includes Anyware Manager, a unified interface that IT administrators can use to secure, broker, provision and monitor remote access connections. IT teams can also administrate faster deployments of remote workstations virtually anywhere and create secure connections between users and their machines by enabling multi-factor authentication (MFA) for added security. 

With PCoIP, AEC firms can rest assured that they are getting highly certified secure technology. The Teradici Tera2 PCoIP Zero Client was recently added to the Cryptographic Module Validation Program (CMVP)’s Modules In Process List, bringing it one step closer to FIPS 140-2 level 1 validation. 

In the second part of the series, we discuss collaboration for AEC hybrid teams. 

Want to see HP Anyware in action? Watch an AEC 3D modelling session during the HP Teradici webinar entitled Drive the Agility and Productivity of your Architecture Business in the Age of Hybrid Work.