As I noted in a previous blog post, Cadence IT experts are engaging with customers to help them develop and improve their CAD infrastructures. One issue that some customers need help with is data security. There are many "best practices" that can be helpful, particularly for small companies and startups who don't have full-fledged IT departments.
I talked to Saravanan Nagarjan, senior IT architect at Cadence, about some of the "best practices" Cadence recommends to EDA tool users. Cadence implements many of these practices itself to protect customer data inside VCAD (Virtual CAD) chambers, which can provide everything from a place to run diagnostics to a complete CAD infrastructure for a small company.
An article in the December 2010 issue of Processor magazine provides a more detailed look at how Cadence secures customer intellectual property in its Hosted Design Services engagements, which are basically VCAD chambers with design tools provided on a software-as-a-service (SaaS) basis. As the article notes, Cadence also works with customers through its EDA Infrastructure Acceleration Services to address concerns such as data and network security.
Rule Number One: Know Where Your Data Is
Saravanan said that Cadence advocates a "data centric" security approach, and the first step is to simply locate the data. "Often times, customers don't know where their data is," he noted. "It could be on servers, it could be on laptops; data can be anywhere. Once you know where your crown jewels are, it's easier to protect them."
Once located, it's important to identify or classify the data, monitor critical data, and track its movements. This helps prevent data loss. Internally, Cadence uses a methodology called "Label, Log & Secure" that sets forth protocols for logging customer data and tracking every data transfer.
Here are some other points that emerged from our discussion:
Inside the Cloud
There's a lot of interest these days in cloud computing, and Cadence is "closely monitoring" developments in that space, Saravanan said. His view, however, is that "the security is still maturing" for public clouds. "The cloud should adhere to our standard security practices with things like firewalls, VPN and security monitoring devices, and at the same time we have to worry about the trust model of the cloud," he said. "The trust model should include third party security audits and should adhere to legal and contractual obligations as well. We need to make sure the confidentiality, integrity, and validity of the data inside the cloud is there." Similar views were voiced in the Processor magazine article cited above.
In addition to data security, Cadence IT experts are helping customers solve problems and answer questions related to networking, thin clients, Linux, tool licensing and management, and private and public clouds. "If you need any help with IT, we are more than willing to provide advice," Saravanan said.