With HaloSHARE’s CAD file security and digital watermarking software, AECO can improve workflow efficiency and file protection. Here’s how.
.png)
Architecture, Engineering, Construction and Operations (AECO) companies face a cybersecurity dilemma.
On the one hand, multi-partner projects and frequent file sharing expose AECO firms to security threats. On the other hand, heavy security measures and file encryption hinders AECO workflow efficiency and prevents collaboration within the BIM/CDE environment.
But there is now a middle ground: securing and streamlining digital workflows without encryption. Here’s how Secude does it for AECO.
59% of AECO firms suffered a cybersecurity incident in the last two years with Construction the most targeted sector (over 220 incidents on average per year).
To protect their sensitive data and close supply chain security gaps, many AECO companies rely on Data Loss Prevention (DLP) tools like Microsoft Purview. But this reliance has two core issues.
What AECO needs is a way to increase the security and governance of shared files without encryption and without hampering workflows. That’s what Secude’s HaloSHARE does.
Secude’s HaloSHARE simplifies AECO file management and security by extending DLP into the CAD file arena and adding unencrypted file rights through digital watermarking.
Traditional DLP systems can recognize CAD file extensions, but impose "all or nothing" blocking rules on these files.
With HaloSHARE, you can implement custom DLP classification rules to CAD files at a granular level by embedding descriptive metadata within popular proprietary CAD file formats (i.e. Autodesk, Bentley, PTC etc). This allows DLP systems to scan files for custom character patterns, associate those with a file classification type, and then take specific action (block, deny, allow, etc). In this way, you can apply DLP rules to AECO files that would not usually be covered.
Example: Autodesk Construction Cloud (ACC)
Third-party contractors and suppliers can download files from ACC, so if their ACC credentials are compromised, there's nothing to stop hackers from stealing your files. But with HaloSHARE, you can extend DLP rules to your CAD files before you send them to the ACC where collaborators can then use and download them. This ensures that only files that are authorized for access at the CDE are allowed to be uploaded.
Not all file security requires encryption. From sharing building blueprints with architects or publishing PDFs for a tender process, AECO projects often involve sharing information that is not ‘business-critical,’ but still require monitoring.
With HaloSHARE, you can add both visible and discreet watermarks to files in bulk. This unencrypted data security simplifies file sharing (your partners don’t need decrypting software) and adds traceability of shared files, so you know where and when files travel, and the source of any leaks.
Example: Autodesk Construction Cloud (ACC)
Encrypted files break ACC, but discreet marking and document signing works seamlessly. By adding discreet watermarking metadata to files before they go into ACC, you can provide file ownership provenance and enforce confidentiality with partners you share files with. Discreet marking data ensures that the source of a data leak can be traced back to the party that leaked it to enforce accountability measures.
30% of data breaches in 2025 have involved a third-party. Multi-partner AECO projects are therefore particularly vulnerable as the greater the number of users accessing your files, the greater the risk of leaks and file modification. But with HaloSHARE, you can share non-encrypted files with external partners while minimizing the risk of leaks and create accountability for misuse.
Be it large-scale construction developments or multi-year infrastructure projects, you cannot collaborate efficiently with external partners if you use heavy security measures. But with HaloSHARE’s discreet marking and sensitivity labeling, you can share and track project files without slowing down workflows.
While some shared files are not business-critical, others are proprietary and contain valuable intellectual property (IP). Leaving them exposed leads to costly consequences (i.e. loss of competitiveness, reputation and revenue). With HaloSHARE, you can govern which files are allowed to be shared on the CDE and provide controls for who the files are shared with. This ensures that collaborators are digitally authorized to download project files from your AECO collaboration environment.
Originally drawn by Secude’s Microsoft Purview solution, MSG soon learned that MPIP encryption couldn’t be used with Autodesk Construction Cloud. Instead, MSG used HaloSHARE’s discrete watermarking and signing solution for their CAD construction drawings, so they could:
As a result, MSG has more confidence sharing their proprietary construction CAD files on ACC and can hold any collaborator that leaks the file legally accountable.
Up to now, AECO companies faced an uncomfortable choice: seamless but risky collaboration with low/no security or secure but inefficient collaboration with heavy file security.
With Secude, there’s a solution that hits the sweet spot for AECO: heightened data security and monitoring without impeding digital AECO workflows.
Get in touch to find out more.
Download our general HaloSHARE solution brief.
