By Abhijit Tannu, CTO, Seclore
The semiconductor industry is tackling several challenges globally. Certain geopolitical headwinds such as the United States (US)-China diplomatic relationship along with the Russia-Ukraine conflict have contributed to significant supply chain disruptions.
Further, the industry’s needs are very intricate when it comes to collaboration among stakeholders and companies operating out of multiple countries. The industry stakeholders include inventors, chip designers, companies that set up fabrication units and companies that manufacture chips using the fabrication units. These stakeholders could be located across different countries making secure collaboration and flow of data challenging.
Non-disclosure agreements are not enough
The US and its allies are making significant efforts to protect their intellectual property rights, especially in the area of electronic design and manufacturing. There are several regulations such as International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), the Wassenaar Arrangement etc., that apply to American chip manufacturers and companies that license technology to foreign entities for chip design.
The regulations extend beyond the territorial boundaries of the US, which means, they apply to American companies and their entire supply chain across the globe. Their suppliers and even their supplier’s suppliers are subject to these regulations.
Several US companies have set up their fabrication facilities in China and are required to share their designs with third parties. They are now in the processing of setting up similar facilities in other countries like Malaysia, Vietnam. Indian government is also putting significant efforts in this space.
Enforcing the regulations throughout a global supply chain is challenging for companies. Traditional methods like non-disclosure agreements are not effective anymore, particularly when dealing with state players.
Data-centric security is the key
Traditional security mechanisms that protect information within a device, network or application perimeter aren’t suited for complex collaboration use cases. When sensitive information needs to be exchanged across organizations and countries, traditional perimeter security mechanisms offer little value.
Data-centric security solutions, on the other hand, can secure, control and track usage of sensitive data while the data travels across the value chain. Data-centric solutions act as business enablers and facilitate collaboration and data sharing while maintaining security controls over sensitive information.
Some of these solutions offer features such as tracking and restricting access to information based on specific countries or locations, which directly help in complying with regulatory requirements.
Additionally, these solutions offer the capability to revoke permissions after information is shared. For example, you may have shared confidential information with a vendor or partner in the past, but no longer wish to continue with the partnership. In such cases, you can easily revoke access to all information shared earlier.
The usage tracking mechanism offered by such solutions is document and user centric. They can provide valuable reports and analytics that not only help you understand where and how your information is being used, but also serve as evidence of your compliance with regulatory requirements.
Many global leaders in the semiconductor space are already using data-centric security solutions to protect Intellectual Property for themselves and their customers.
In an increasingly globalised world, with complex collaboration requirements, particularly in the semiconductor industry, data-centric security has emerged as a crucial and robust mechanism to secure sensitive information. It could play a pivotal role in securing sensitive data that is critical to your business and your country as a whole.
As India positions itself as a global investment hub for the semiconductor industry, it is important to project confidence to the world, especially to the West, that it has the right technology to protect their intellectual property.