Kenesto COO Tom Greaves spoke with CyberNews about security issues for engineering and construction firms who are moving their data and workflows to the cloud.
Tell us how it all began. How did Kenesto come about?
Kenesto was founded in 2007 as Innovashare to develop product lifecycle management solutions for small- and medium-sized enterprises. Funded in 2009 by two VCs, Hasso Platner Ventures (Germany) and Cedar Fund (Israel), the company changed its name from to PLMPlus. In 2011 when the company had failed to deliver a working product and was running out of money, the management team was terminated. Serial entrepreneur (PTC, SolidWorks, SpaceClaim) Mike Payne became CEO in 2011 and the company changed its name to Kenesto Corp. Funded by Mike Payne and others, the company continued development and developed a cloud-mounted drive with a local drive front end and focused its attention on mechanical design and AEC markets. At end of 2020, Kenesto was challenged by one of its OEM partners to automate the processing of PDF documents for construction applications. Recently the company has delivered a working solution to compete with market incumbent Bluebeam, a Nemetschek company with a handful of early customers.
Can you introduce us to what you do? What are the main challenges you help navigate?
Kenesto is a cloud software platform designed for managing engineering and AEC documents. Engineering and AEC documents change frequently and Kenesto manages the file locking and unlocking required to prevent team members from overwriting each other’s work. While solutions like Dropbox, Box, Egnyte, Google Drive, and OneDrive work well for documents that are unchanging or only rarely changing — photographs for example, their underlying synchronization methods fail for engineering and AEC documents.
With Kenesto, all versions of all documents are maintained in perpetuity and the system behaves like a mounted disk in the customer’s office, but with a “single source of truth” in the cloud. Using the familiar user interface of Windows Explorer, files and folders are arranged in the same way as one would expect for a C Drive. While Kenesto is not a PDM system, it has many features offered by on-premises PDM systems. Kenesto includes viewer capability for many 2D and 3D file types, and extensive viewing and markup capability for PDF files, allowing collaborative meetings to be held over the web with many participants.
The users’ files are stored in the secure AWS S3 and are encrypted. Each file is given a unique name, with no extension, making is very difficult for intruders to infect it. While files are never deleted, they can be hidden from view. All file transfers from the user’s local computer to the cloud are encrypted. For performance, there is a local cache containing the files recently used by the user.
Since many companies are turning to cloud solutions, what are the benefits of cloud storage? Are there any disadvantages compared to storing information locally?
Cloud storage solutions offer security, backup, and reliability advantages not readily achieved with installed, on-prem storage solutions. For employees who work from home or from remote offices, cloud-based storage also can provide superior performance compared to VPN alternatives. Kenesto focuses its efforts on engineering and AEC users and for them the cloud also offers enhanced collaboration capabilities for teams to share and markup documents in a standard browser.
How do you think the recent global events influenced the way people perceive cybersecurity?
Recent global events are a wakeup call for anyone concerned about the safety of their data. The prospect of being hacked by bad actors, in some cases state-sponsored bad actors or bad guys offered shelter by a sovereign nation, looms even larger today. If nothing else, there is a growing awareness of vulnerability and an increased appetite for recovery plans.
Of course, sometimes the threats are internal. A few months ago, a Kenesto customer discovered a rogue employee had attempted to delete all his firm’s engineering data. We had them back up and running in minutes. Because Kenesto stores every version of every file, the recovery was complete.
As more companies move their workload to the cloud, are there any details that might be overlooked when making the switch?
When moving to the cloud, a fork in the road is deciding between storing your data in the cloud and doing all your computation in the cloud, i.e., going all in. It is important to understand the technical and business implications of each.
Storing the data in the cloud — without going all-in on computation– preserves the option of working with industry standard formats. For example, construction companies can store their PDF files knowing that PDF is the de facto standard format with many choices for editing, viewing and sharing data. Similarly, engineering companies can keep SolidWorks files in the cloud knowing that they can retrieve them and have them readily translated to Inventor or Solid Edge with readily available translators.
Going all in on computing in the cloud, your options for getting your data out, should you need to switch providers, may be much more limited if your cloud solution provider works with proprietary formats. Cloud solution providers make the case that working with proprietary formats is the price of admission to the innovation and productivity gains they offer. However, what we too often see is that the exit from a cloud provider is much more difficult and painful than the entrance. Need more evidence? Look at the lofty valuations of cloud providers who are providing end-to-end computational services. Wall Street, private equity and hedge call this stickiness. Flypaper is sticky too.
When it comes to sharing sensitive files, what bad habits do you notice most often?
Three bad habits come to mind immediately. First, sharing web links to sensitive data is a bad idea. Why? Links can be reshared without the consent or knowledge of the original sharer. This is the damning weakness of consumer-grade cloud-based storage solutions for business applications. Share the link to the wedding photo of Aunt Millie dancing with cousin Ken by all means, but please don’t share the link to the CAD file of your new product.
Second, control the use of USB drives in your organization. Block their use internally and police their presence on premises. Thumb drives have no place in a secure environment, period.
Third, the cloud is the proper place for the single source of truth for your data. Minimize your exposure to rogue employees by storing your data in the cloud and not on installed, on-premises hardware.
Which threats do you think can become a prominent problem in the upcoming years?
One threat that looms large, particularly to creative professionals in the design professions is that their best work may be harvested for benefit of others without compensation. If your data which now lives in the cloud becomes the learning database for new AI systems and you’ve surrendered the rights to this in exchange for cheap storage or cheap computation, you may live to regret this Faustian bargain. Keep your files in the cloud by all means but don’t sell your best creations for a plate of lentils.
In your opinion, what are the best cybersecurity practices every organization and individual should adopt to combat these new threats?
One — store your files in the cloud. But think hard before you move your complete compute infrastructure to the cloud. Plan your exit in case your plan goes sideways.
Two – get your versioning act together. Storage is inexpensive and getting even less expensive. Capitalize on this by keeping every version of your design and construction files. Stored securely, this is the best anti-venom for ransomware attacks from the outside and rogue behaviours from the inside.
Three – work with a single source of truth for your engineering and AEC data. If you’re a big company and you have fast internet connectivity between your offices, have a look at Nasuni. It is a great solution. For the rest of us, small- and medium-sized businesses with consumer-grade internet, have a look at Kenesto.
Would you like to share what’s next for Kenesto?
Two initiatives are in the works. First, we’ve released PDFBilt, a cloud-based, automated PDF splitting, linking, annotation, and collaboration tool. PDFBilt is aimed squarely at the installed, on-premises Bluebeam market for construction documentation. We’ve brought machine learning to this market that for too long has had too few choices.
Second, we’re working on a hub product to improve the performance for offices using the Kenesto drive. Caching the single source of truth data on a local hub will elevate through put at the office level. Sometimes the best computer hardware is the hardware you already own. If you’ve already made a substantial investment in computers for rendering or analysis, that may be the best hardware to keep using. We believe that you ought to choose solutions that give you the flexibility to choose to execute locally, or in the cloud. Our local hub will let customers have the performance advantages of local computing and get the security, collaboration, and scale advantages of cloud computing. Exciting times!