When we discuss what sets Wagner Machine apart from other precision machine shops, naturally, we focus most of our attention on our advanced machining capabilities and unparalleled expertise.
But there’s another major differentiator you should know about—one that may not be flashy but is of critical importance to us and our customers. We’re talking about our rigorous commitment to cybersecurity to ensure the safety of your sensitive data.
Why Does Cybersecurity in Manufacturing Matter?
The digitization of information has made life much easier for precision machine shops and their customers. However, now that most information exchanges occur online, it’s also easier for cybercriminals to access sensitive data.
Ransomware attacks—in which hackers lock organizations out of their own information in exchange for a hefty sum of money—are on the rise and have become the most dominant cybersecurity threat in manufacturing. These attacks are concerning not only because they can be extremely expensive and disruptive, but because someone external to the company has access to all data including customer files.
In many cases, cybercriminals look for “easy targets” in the form of small to mid-sized vendors as a way of gaining access to their customers’ (i.e., larger companies’) private information. This tactic puts precision machine shops in the direct path of attackers, and defending against potential threats is a responsibility that Wagner Machine takes very seriously.
How We Prioritize Cybersecurity at Wagner Machine
We are committed to ensuring that all of our customers’ sensitive data is protected when they work with us. Because we work with large customers in the medical, defense, and aerospace industries, all our customers receive the benefit of the most robust cybersecurity protocols. Most precision machine shops of our size (or many times our size) haven’t invested as heavily as we have in cybersecurity, and we take pride in this key differentiator.
We even hired an in-house Chief Information Officer, Kyle Blocher, to provide dedicated cybersecurity expertise—something you won’t find at many other small to mid-sized shops. He works on custom software, reviews our infrastructure, coordinates with external IT resources, and helps us identify and implement solutions to improve cybersecurity on an ongoing basis. Some of these solutions include:
- Securing cloud access. We leverage well-established cybersecurity best practices to secure access to cloud resources, including using a trusted single sign-on (SSO) service and requiring two-factor authentication.
- Securing local access. We implement two-factor authentication locally for our own network as well. Each time an employee logs on to a computer, they must use a smart device and a pin. We’re also working to enforce similar measures offline to better restrict physical access to our building and equipment.
- Performing frequent backups. We conduct comprehensive backups of all information so we can restore our entire network of data in less than 30 minutes in the event of a ransomware attack. We inadvertently tested this process’s effectiveness one day when a freak storm shocked our server room and took everything down. We rebooted our network from our backup using a virtual server and completely restored our data quickly and easily.
- Flagging emails. Emails are a major point of vulnerability for cyberattacks due to practices like spoofing, in which hackers trick recipients into thinking an email is from a trusted source. To protect against this tactic, we flag all emails from external sources. Even emails from vendors and customers we’ve worked with before are flagged accordingly. We also have software running on internal devices to monitor unexpected attachments and website traffic.
- Limiting information exchanged via email. We use secure collaborative tools with customers and vendors—such as shared cloud storage—to limit sensitive information exchanged via email. We also encourage customers to use our highly secure quoting platform, which allows them to submit files without relying on email. When transferring files by email is necessary we have encrypted options for that as well.
- Considering all risks. It’s hard to even think about this possibility, but as precision machine shops grow, the risk of one of their own employees instigating or aiding in a cybersecurity attack increases. We have the utmost trust in our incredible team members at Wagner Machine, but practicing an abundance of caution is the minimum standard these days. We assign employee access intentionally, so team members only see the information they need to do their jobs. We also track files that are emailed or transferred to external storage. We carefully balance security and productivity to ensure that we’re never compromising one for the other
- Restricting paper documentation. We have paper copies of all jobs currently in process, but we’re diligent about shredding this documentation as soon as we no longer need it. There is no paper repository of our old records and no physical operational archive at our shop.
- Maintaining key certifications. Here’s a funny story: We were so far ahead of the curve on credentials that we tried to obtain a CMMC Level 3 certification before there were even auditors available. CMMC is the new standard for doing business with the Department of Defense. We realized we were 90% compliant with CMMC Level 3 already, so we implemented the remaining practices. We should be certified by the end of 2022.
We want you to feel confident that you can trust Wagner Machine with your sensitive data. Our team is committed to prioritizing cybersecurity now and into the future to provide you with the assurances you need. Request a quote using our (secure!) form, and let’s work together on your next project!