ProShop ERP
ProShop SAFE™ (Secure Access File Ecosystem) cloud-based ERP file management system

File Management System Protects Data, Aids Security Compliance

Sept. 15, 2022

PROSHOP ERP introduced the ProShop SAFE (Secure Access File Ecosystem) cloud-based ERP file management system that enables companies to achieve multi-dimensional, role/user-based data security compliance to multiple standards, such as NIST 800-171, CMMC, ITAR, HIPAA, SOC, GDPR and ISO-2700X. ProShop SAFE ensures that only authorized users have access to specific files and folders managed through the unified credentials and authentication of their ProShop login.

“A business that is out of compliance with data security standards can lose contracts,” explained Paul Van Metre, president of ProShop USA. “Application of ProShop SAFE accelerates and simplifies fulfillment of a wide range of security requirements, avoiding possible loss of work while saving money and time.”

Combined with ProShop’s GovCloud hosting suite of features, ProShop SAFE limits a shop’s Controlled Unclassified Information (CUI) footprint and thereby simplifies and economizes compliance efforts, as well as protecting other sensitive company and customer data. (Future versions will even streamline marking of CUI, CTI, FCI, etc.)

Beyond facilitating CMMC and ITAR standards achievement, ProShop SAFE also ensures that an employee cannot accidentally delete or move critical information he is not authorized to act upon. ProShop ERP is the shop management software specifically designed for defense and aerospace CNC machining and manufacturing with these levels of security controls.

ProShop SAFE™ is a managed encrypted file store (end-to-end and at rest) that securely and seamlessly translates into the browser experience. User-definable File Access Security Groups (FASG) within the User Module of ProShop enable security administrators to define permissions of all folders and files within the file store, and provide read/write/execute, or forbid access, to any configuration of approved folders, subfolders, and files. When a ProShop login is authenticated via a user’s ProShop credentials and 2 Factor Authentication (2FA) (if enabled), the files and images are immediately available and visible in the ProShop browser interface.

A user can view and manipulate those files with the secure cloud file store and in-memory of the device, without the need for them to be downloaded to the user’s device. This limits the storage footprint of CUI information within a shop and makes it considerably simpler to achieve CMMC and ITAR requirements for control of CUI. When the ProShop session is closed, the file store is immediately removed and access to any files within it is terminated.

In many ERP systems, files may be stored in a database that requires anything beyond simple viewing of a file in the browser must include downloading the file to the local device. That adds significant risk, cost, and complexity to the process of meeting CMMC Level 2 requirements. Conversely, in ProShop SAFE files are stored in human readable and browsable file structures and are access-controlled across all folder hierarchies.

ProShop SAFE even allows access to subfolders housed within upper-level folders without providing access to the upper-level folder itself. This level of control is essential for safe and effective management of files that employees need to effectively perform their jobs.

For example: A CNC machinist (and ITAR-approved US person) can log into ProShop on the shop floor using user-specific credentials and a 2FA key on a Windows-based device that may previously have had no access to ProShop SAFE™ files. As soon as ProShop authenticates the credentials, the ProShop SAFE file store is connected, and that person can browse only the specific folders and see the specific files permitted. So, the person may have read-access-only to the G-Code folder associated with the parts and work orders involved.

He also can view the approved inspection drawing directly within the browser and see the approved set-up photos and videos stored within the part folder. ProShop SAFE also allows ‘write’ access to that folder so new photos of the set-up can be submitted for manufacturing engineering approval. When setup is complete, the file store is immediately removed when the person logs out of ProShop. Then, when a CNC machine operator logs into the same device to run the job and new permissions are applied, there is direct access to the G-Code files and folder and read-only access to photos of the setup within the ProShop interface. However, there is no write access to that file folder, to prevent deleting, moving, or editing any files within the folder. The least privilege security settings limit what the machine operator can see or do. As soon as the operator logs out of ProShop, the file store is disconnected, and files cannot be browsed or accessed by anyone on that device.

Learn more at