Obtaining quotations, planning capacities, coordinating joint research and development: Automotive manufacturers have to share a lot of sensitive information with their suppliers. Suitable file-sharing platforms for storing and exchanging files offer a good way of doing this.
Such platforms allow folder structures or specific parts of them to be made available in a web front end. Different rights need to be granted for viewing and editing the folders and the files contained within. This way, automotive manufacturers can implement supplier portals that are fit to orchestrate the secure and efficient exchange of confidential documents.
Key qualities of automotive supplier portals
To be useful and secure, such platforms need to provide some key functionality:
- The portal provides three basic roles related to a folder or file: Owner, Editor and Viewer.
- Owners, usually employees of the automotive manufacturers, have the option of sharing folders to enable document exchange with suppliers. This can be done either using a dedicated folder for each supplier or in shared folders if interaction between suppliers is required.
- Owners can grant shares for files and folders to user groups defined by suppliers, but also to individual users.
- Folders can also be shared upload-only to enable collecting input from suppliers without disclosing the folder content.
- By default, folder sharing in the supplier portal only affects the contents of the current folder level, excluding subfolders. Subfolders can optionally be included. This simplifies integration of suppliers into the folder system on a need-to-know basis and markedly reduces the risk of exposing confidential data by folder access inheritance.
- Automotive manufacturers can operate their portal on their own servers or in a data center of their choice. This enables full control over sensitive data at all times.
“The file-sharing services of major US hyperscalers are out of the question for supplier portals. They are not suitable for exchanging sensitive information, neither functionally nor structurally due to their public cloud model. The US Cloud Act means they simply cannot prevent unauthorized data access,” explains Tobias Gerlinger, CEO of ownCloud. “Automotive manufacturers are therefore well advised to take a hybrid approach and implement secure private cloud solutions for supplier portals.”