Managing internal security threats in manufacturing

Manufacturing customers make up an increasing proportion of Docusign’s enterprise client base, as companies that make anything from milk cartons, to electric vehicles, to mining equipment continue to digitise their agreement processes.

Whilst many manufacturers will start with a simple use case - such as employment contracts in a single division, usage can quickly grow across the organisation:

  • Into new countries and regions
  • Into new functions and teams
  • Into new business units and brands

Our manufacturing clients use Docusign in R&D and in procurement of direct and indirect goods.  Docusign is used to sign off Health and Safety procedures, compliance and quality control processes.  Products and services are sold using order forms completed with Docusign, and followed up with support processes signed on the platform.

Each of these new requirements can often come with their own data residency requirements (such as EU employment data needing to reside in the EU), their own signature types (such as Brazilian agreements requiring a Brazilian certificate authority), or their own integration requirements (to support production facility specific applications).

Very quickly, what was an easy to govern single account system can become a complex multi-account, multi-legislation environment with tens or hundreds of instances, hundreds of admins and thousands of end users.

Docusign supports this complexity within our Enterprise Pro Org Admin module, however these differing requirements can introduce new challenges for the Enterprise IT and Infosec teams tasked with the responsibility of managing the Docusign platform.

Security risks are external and internal

Any organisation has two main sources of potential risk and security attack - from outside your company and from inside your company.

Docusign has invested in providing the very best levels of security and protection from external threats to our customer’s data - whether that is Binding Corporate Rules for EU data, or FedRamp for government data in the US.

But increasingly our Enterprise customers are focusing on the internal risks to their Docusign data as their usage of the platform grows in scale and complexity.

Internal risks may be malicious or accidental

Malicious risks can come from ‘bad actors’ - users or admins who are disgruntled with their employer and choose to exploit their own systems to access or export data that they shouldn’t.

Accidental risks can come from poorly trained users or admins who don’t understand the implications of what they are doing and inadvertently expose the company to data loss.

For many Enterprises, the discovery of this data loss - whether malicious or accidental - comes too late, or worse, not at all.

In our multi-account global enterprise customers both these risks can easily appear as multiple new admins are onboarded to manage a specific account or instance for a brand, region or function. These admins are often not very well connected to your core centre of excellence team and don’t have the same level of expertise and experience for the power that they have.

Docusign Monitor look at your own use of the platform

Docusign Monitor is being adopted by Enterprise customers to proactively alert infosec teams to these kinds of risks as they happen in near real-time.

An add-on to our core Enterprise Pro eSignature platform, Monitor looks across all of your organisation’s Docusign accounts, all of your admins and all of your users and initiates an alert whenever one of 40+ potentially risky events occur.

Examples include:

  • A user trying the wrong password twice in a row
  • An admin updating permission settings
  • An admin initiating a bulk download of envelopes

All of these events might have a genuine business reason - but they also might be an indication of foul play, accidental use, or potential data loss.

Many of our larger manufacturing clients will have implemented an SIEM platform like Splunk, to track these kind of security events across their entire cloud platform estate - from CRM, to email, to HR - and plugging Docusign Monitor into that existing platform is a natural next step.

Peace of mind enables further adoption of digital signature processes

Companies that have implemented security monitoring early on in their global adoption of Docusign find it easier to further increase their adoption, as they know the protections are already in place for every new instance, every new admin and user. 

Combined with a train the trainer approach for admins and users, Docusign Monitor provides a belt and braces approach to your enterprise security needs.

For more information on Docusign Monitor, and how easy it is to add on to your existing Docusign Enterprise Pro account just contact your Docusign representative.

Charlie Cowan
Strategic Enterprise Account Executive