For nearly a century, companies worldwide have relied on Komatsu equipment and services to help them develop modern infrastructure, extract fundamental minerals, maintain forests, and create technology and consumer products. Komatsu prides itself on premium products that perform to the highest standards, which makes its intellectual property (IP) among its most important assets. With Microsoft Information Protection, Komatsu can limit access to design files and other engineering documentation using role-based access and time limits. Now, it can more confidently share IP with the Komatsu supply chain, including external partners.
A heritage brand that evolves with the times
Komatsu’s mining legacy was founded by its brands in the mid-1880s in Milwaukee, Wisconsin, at the height of the industrial machinery manufacturing boom. It has a storied history of evolution and innovation alongside the growing industrial demands of the United States, and that’s reflected in its designs, products, and customer service.
Komatsu mining products are known the world over for their quality and reliability, providing sites with everything from classic dump trucks to autonomous haulage vehicles, continuous miners, and hydraulic excavators.
Of course, that combination of quality and service doesn’t come cheap—these monumentally large and complex machines reflect their power, performance, and mission-critical value in their price. And because they’re premium products, Komatsu is focused on delivering every machine and component to the highest possible standard.
“We strive for flawless execution—doing everything right the first time and making sure that we overdeliver on what we promise,” explains Dave Vilwock, Senior Manager of Application Development at Komatsu.
All this careful development and production comes with vital intellectual properties that need safeguarding, but how do you protect those ideas and plans when they’re outside your organization and in the wild?
Intellectual property is the lifeblood of a manufacturer
To get its designs into production, Komatsu often needs to send computer-aided design files and other engineering documentation to supply chain and parts vendors. These detailed documents include a wealth of information about Komatsu machines, and they’re potentially risky to share.
“These are engineering drawings, so it’s not like a parts book where you wouldn’t be able to build the equipment,” says Vilwock. “This is everything about how our machines are put together, so it’s very important that we protect that information—there’s nothing more vital than our intellectual property.”
Komatsu wanted to replace a legacy on-premises application with a cloud-based platform that would better safeguard intellectual property (IP) and maintain control over how and when it releases documents and who has access to them.
A new system for conditional, timed access
With Microsoft Information Protection, Komatsu built a platform that adds a suite of control tools to the files and documents it shares with its suppliers and vendors. It allows access for named individuals for specified periods, which prevents IP being shared—accidentally or otherwise—with people who shouldn’t have access to it.
“With Microsoft Information Protection, we can assign a file to an account with an expiration date when we have to send it to a vendor or anybody outside the organization,” says Vilwock. “So, even if somebody else gets hold of it, they won’t be able to open it.”
Combined with Microsoft Information Protection, Komatsu uses Cloud App Security to boost security throughout its Microsoft 365 environment, including its Microsoft Office 365 deployment. Engineers, project managers, and data governance officers keep files in Azure Blob storage and share secured links to the documents with internal and external recipients. While Komatsu uses Microsoft Information Protection to handle classification and permissions, it relies on multifactor authentication in Azure Active Directory to validate the identities of anybody who accesses the files.
“Our previous solution offered some protection for internal users, but not when we sent files externally. It also ran out of memory quickly, so users sometimes had to restart their computers multiple times a day,” says Jeremiah Steidinger, a Komatsu developer. “With Microsoft Information Protection, we don’t have to worry about any of that.”
Komatsu employees also use Azure Active Directory to sign in to a .NET Core web app, which interoperates with other core Komatsu systems to connect users to the supply chain and make it far easier to access, share, and collate. “The web app uses the .NET Core API in the background,” says Vilwock. “Users can search using a bill of materials number, look at all the materials and components, and download whichever documentation they need. They use the Microsoft Information Protection SDK to encrypt the files and create a zip folder.”
More secure access internally, externally, and on the go
With its new system, Komatsu can track exactly who has access to documents, whether that’s within the organization or at an external partner, and what department they belong to. What’s more, with conditional access and automatic time limits, Komatsu can apply access controls even to approved users, which helps it keep key IP from falling into the wrong hands.
“Our old system didn’t have any of these capabilities—Microsoft Information Protection and Azure Active Directory have given us a huge advantage in lowering our risk of losing intellectual property,” says Vilwock.
Komatsu shares and controls documents faster and with more safeguards, which in turn helps reduce its supply chain costs, but there’s also a major administration benefit. “We had some people who essentially spent much of their workdays sending out files, but now that we’ve automated all that with Microsoft Information Protection, those team members now have more time for other value-added work,” says Steidinger.
The new Komatsu system also helps field workers operate more efficiently. By combining Microsoft Information Protection with Microsoft Endpoint Manager, engineers can save key documents for offline viewing with all the protection of the cloud-based platform. That means Komatsu employees can work on the go with confidence in the security of company IP.
“With Microsoft Information Protection, we better safeguard all files, whether they’re being accessed internally or sent externally,” says Vilwock. “We can prevent unprotected files from being downloaded and viewed anywhere. We protect our IP without our security measures getting in the way of collaboration and innovation.”
Organization-wide digital transformation
Komatsu initially deployed Microsoft Information Protection to help streamline and safeguard the supply chain operation, but the solution won’t stop there. The Komatsu team plans to roll out Microsoft Information Protection organically, expanding to other parts of the business as the need arises. Ultimately, Komatsu wants to deliver the most secure, optimized workplace environment possible for employees across every department so that they can support its mission of providing top-quality machinery with stellar service.
“We want to make sure we get everything right,” says Vilwock. “Microsoft Information Protection is an important piece of the core systems at Komatsu.”