Don't Fear the Cloud— Fear Lack of Data Security Commitment
By Nate Washor (Product Manager, Software and Security), Doug Kenik (Director of Product Management, Software)
As factories grow increasingly digitized, more 3D printing vendors are shifting towards cloud-based software models. This raises a big question for manufacturers with intellectual property and valuable uptime to protect— how secure and stable is the cloud?
Markforged is a leader in cloud-based additive manufacturing software, where robust cloud security and architecture have been top-of-mind since Day 1. In fact, our Eiger software began as a cloud-based service back in 2014. In demonstrating cloud security expertise and a commitment to securing customer data, Markforged became the first AM company to receive ISO/IEC: 27001 certification.
So, from a decade of strong emphasis on cloud security, what does the “cloud done right” look like to us?
The basics of cloud security
When done right, the cloud is widely regarded by cybersecurity professionals as more secure than on-premises setups — despite the common myth that physical, on-site servers are better protected from cybersecurity threats.
One reason is the cybersecurity prowess of major cloud service providers (CSPs). To offer a cloud-based service, a software company must host its applications and data on the infrastructure of a CSP, like Amazon Web Services (AWS). Hosting infrastructure on a major platform means it’s protected by the CSP’s best-in-class security capabilities. As cybersecurity is a critical foundation for their business models, key players have invested billions of dollars to keep cloud data secure, employing thousands of security engineers.
While major CSPs feature robust data protection, cybersecurity is ultimately a shared responsibility between the software company and the cloud provider. The lopsided majority of cloud breaches are not due to technology shortcomings inherent to the cloud. In fact, Gartner predicts 99% of cloud security failures through 2025 will be the result of software companies’ suboptimal infrastructure design and development practices.
For end-use customers evaluating potential software vendors, standards such as ISO/IEC:27001 exist for organizations to demonstrate proficiency in securing information.
How do I know Markforged software is secure?
Securing customer data is our top priority. Markforged takes pride in our rigorous and competent product and software development life cycle, which utilizes multiple levels of internal testing and validation. Our business systems and infrastructure undergo regular third-party penetration testing, while our entire codebase is subjected to peer reviews, vulnerability scanning, and automated testing.
What results do we have to show for it?
ISO/IEC 27001 certification: Markforged is the first additive manufacturing platform to achieve ISO/IEC 27001 certification, an international standard for how organizations manage information security. An organization with this certification has demonstrated the necessary in-house knowledge, procedures, and infrastructure to reliably secure sensitive information stored on the platform. This standard ensures that information 1.) is confidential and only accessible by authorized users; 2.) has uncompromised integrity, with only authorized users able to make changes; and 3.) is readily available to authorized users when it is needed.
STIG compliance: For the U.S. Department of Defense (DoD) to put any technology on its network, the technology's underlying Operating System (OS) must be STIG-compliant. Security Technical Implementation Guides (STIGs) are cybersecurity guidelines along with a series of tests to verify systems are as secure as possible.
Markforged Desktop, Industrial, and Metal X printers feature a STIG-compliant operating system that adheres to strict government security guidelines for use in DoD and similar environments.
Single Sign-On (SSO): Our cloud software’s SAML 2.0-based SSO allows customers to integrate Eiger into their existing Identity Provider (IDP). Not only does this ease the burden of administrators creating and managing accounts for their users — it also eliminates the concern of former employees walking off with intellectual property. Upon IT revoking a user’s email address, the previous user will no longer have access to Eiger and the data contained therein.
Role-Based Access Controls (RBAC): This ensures Eiger users can only access information they’re authorized to access. For each user, Eiger administrators can grant differing levels of access to all folders, parts, and printers in an organization. This allows granular control over your intellectual property.
Compare this to IT administrators using on-premises deployments, which risk physical data theft. Without complicated systems in place, files stored on hard drives can be copied to backup disks.
Encryption: Markforged uses FIPS-140-2 compliant encryption algorithms and TLS 1.2 or greater encryption to ensure your data and intellectual property are always protected when the data is at rest, in-transit, in file storage, or in our backend databases.
Additionally, we support Proxy Server SSL inspection, a critical aspect of Zero-Trust architecture, by enabling customers to use their own certificate authority (CA) to encrypt traffic between their printers and their proxy server.
Trust from blue-chip customers: Data security and protection of intellectual property are top of mind for all organizations. Prior to bringing Markforged technology in-house, many of our current customers require exhaustive security audits and reviews of our platform.
After thoroughly reviewing our security capabilities, which organizations continue to trust the Markforged platform? Our customer portfolio includes defense agencies like the United States Navy; as well as household names in manufacturing such as 3M, Vestas, Caterpillar, Toyota, and many other major OEMs in automotive and aerospace.
Why is cloud-based software advantageous?
The cloud-based model seems ubiquitous in today’s landscape of software. Why is that? Many of the cloud’s unique core benefits for end-users — such as remote accessibility, collaboration, and real-time data — enable functionalities needed for enterprise software users to stay competitive.
Here’s why we chose a cloud-based software model from the outset:
Remote access and collaboration: Authorized users can access Eiger 3D printing software from anywhere in the world. This means print jobs can be sent to any printers on the network, regardless of geographic location.
Store parts as digital inventory: Our Eiger software features a secure, globally accessible library of digital part files. The option to get a part on-demand eliminates a need for physical inventory — when a part is needed, it can be printed and ready to use in just hours or days.
Automated updates: With our cloud SaaS offering, you are always up to date with the latest version. This minimizes overhead costs while maximizing security, usage, and even your ROI. Updating any Markforged cloud-connected device is simple, and can be automated with OTA (over-the-air) updates.
Without automatic updates, IT administrators must constantly monitor for available updates, then scramble to apply them manually. Neglecting them significantly increases the likelihood of critical vulnerabilities within your infrastructure.
Integration across business systems: Our Eiger software has an API (application programming interface) which can relay details about parts, builds, print jobs, and printer status to other important business systems. Integration allows users to automate additive manufacturing workflows at other touchpoints in the digital factory.
Cloud uptime and safety
A trusted and secure cloud service is not very useful if service is frequently down. Our cloud service is remarkably stable. For the calendar year 2022, uptime for our cloud-based Eiger software was 99.98%. Check it out for yourself at status.eiger.io.
While our cloud software boasts consistently strong uptime, a successful print job does not require a real-time connection — all necessary data is downloaded in advance. Therefore, if the connection goes down while printing, the print will continue without a hiccup.
In addition, competent design and workflow architecture ensures that parts aren’t inadvertently printed on Markforged devices, even when the cloud service experiences an outage. In fact, our printers currently require a human to confirm the print bed has been cleared before allowing a new print job to begin and we don’t allow a new print to begin while another print is active. These are simple but effective safeguards that help prevent safety issues and damage to equipment from printing mishaps.
Embrace the cloud
At Markforged, we don't fear the cloud. As a leader in cloud services for additive manufacturing, we have been unwavering in our commitment to its security for nearly a decade. It's this dedication that fuels our responsibility to developing and maintaining secure, safe, and innovative cloud-based solutions that empower our users to embrace the cloud with confidence.
Interested in learning more about security and safety at Markforged? Talk to a Markforged expert and we can address your concerns.
Standards Spotlight: ISO/IEC 27001, ISO 9001 in Additive Manufacturing
The Value of Cloud-Based Slicing and File Management for 3D Printing
All of the blogs and the information contained within those blogs are copyright by Markforged, Inc. and may not be copied, modified, or adopted in any way without our written permission. Our blogs may contain our service marks or trademarks, as well as of those our affiliates. Your use of our blogs does not constitute any right or license for you to use our service marks or trademarks without our prior permission. Markforged Information provided in our blogs should not be considered professional advice. We are under no obligation to update or revise blogs based on new information, subsequent events, or otherwise.
Never miss an article
Subscribe to get new Markforged content in your inbox