We asked a cybersecurity expert: Can the cloud help water utilities?

Eric Suesz Eric Suesz August 17, 2023

13 min read

Water utilities in the US have been given a mandate by the federal government that they need to improve their cybersecurity. It’s a serious issue, but this directive is also competing with the US’s aging water infrastructure, limited funding, and a host of other needs.

We wanted to talk to an expert with experience across industries about the wisdom of using the cloud for cybersecurity, so we sat down for a conversation with Maggy Powell.

Maggy joins us from the AWS Security Assurance team. She is a Principal Security Industry Specialist focused on security and compliance for the Energy and Utilities Sectors. She joined AWS after 14 years in the power and utility industry, having worked at depth on security regulatory compliance and security operations for operational technology. At AWS, Maggy supports energy and utility customers as they navigate security and compliance challenges for critical infrastructure, and pursue cloud adoption to enhance reliability, security, and resilience.

Let’s start with a very basic – but very legitimate – question. Why is it safe for water utilities to trust their data to the cloud?

I think it’s human nature that when somebody’s approaching something new and they don’t completely understand how it works yet, there’s an inherent distrust. But when a water utility operator stops to think about it, they realize that by supporting their software on-premises – working with desktop software, backing up data locally or via on-premises datacenters, etc. – they are bearing certain risks.

The operational risks for water utilities are higher than for many other businesses because they are operating critical infrastructure. It is vital to the health of our nation. That operational risk demands high security measures. Because of that, trust is important. However, earning trust means learning some of the details about cloud technology and applying it to meet your security and business needs.

That said, I like to start by talking about three main benefits of the cloud that can help bolster utilities’ understanding and trust for cloud-based system and operational security. There are others, but these are my favorites.

First, is the ability to rely on global infrastructure. With an on-premises setup, you may have a primary data center and a back-up, so you have some resources if you have an outage with your primary or are performing updates and need to run on the back-up. Cloud allows you a much greater level of redundancy and resiliency, with the ability to host your data in multiple AWS cloud datacenters that are geographically spread. This reduces your risk compared to having your on-premises resources in the same footprint, say in the path of a natural disaster.

AWS data centers are organized into regions, with a region being a collection of multiple availability zones, and with availability zones being made up of multiple discrete datacenters. So, the opportunities for back up, redundancy, and failover recovery goes far beyond what a single utility could implement and maintain on its own using an on-premises approach.

That’s a good point. Some of our customers also need to follow regulations specific to their region, and Autodesk can offer them ways to store their cloud simulations safely in specific locations.

Yes, the customer controls where their data resides. It’s important for utilities to understand that cloud is a resource to augment their operations and meet their business needs.

The second security aspects I like to note is increased visibility. When using cloud applications or cloud solutions, every activity is an API call, which is subject to logging and monitoring. And all of those granular activities can be turned into useful alerts and automation. If you want to protect yourself from an adverse event or have a specific security concern that you want to solve for, since every activity is tracked, you can programmatically set up your system to watch for specific threats, and auto-remediate if that makes sense.

Automation, my third of three, can also simplify common tasks and reduce human error by creating scripts for repeated tasks like maintenance and deployments.

Both of those last two are also very important to Autodesk. In addition to logging potential cybersecurity threats, our software is designed so that engineers can monitor and control sensors, as well as crunch analytic data to create alerts about important real-world changes in very specific scenarios – to monitor specific percentages of chemicals in a solution so that it remains safe, for example. In other words, the more granular and extensible data we can provide to our water utility customers to give them more control over their operations, the better.

Absolutely. I mentioned security alerts, but that added visibility is so valuable to operations. I encourage utilities that are considering investing in a cloud-based solution to focus on that aspect of control. Some people have an assumption with cloud-based security that you just turn everything over to somebody else and it’s completely out of your control. That’s certainly not the case. You control where your data goes and who has access to it, although with cloud security you can actually do this on a much more granular level.

Finally, on the topic of trust, security is a top priority. Our infrastructure is built to satisfy the security requirements for military and global banks, among others that are also part of our critical infrastructure. But you don’t have to take our word for it. We’re also subject to a long list of international security assurance certifications and authorizations. AWS is regularly audited by cloud security experts, and subject to continuous monitoring. Information on AWS certifications is available to our customers so they can easily validate that our security controls are in place.

The EPA has called for water utilities to fold a water cybersecurity self-assessment into their regular sanitary reviews. The AWWA sought a judicial stay of that guidance because they don’t think smaller utilities will have the ability to effectively self-assess their cybersecurity practices. I see their point, but I also want more cybersecure water infrastructure. Is self-assessment the best way?

First of all, it’s never easy for any operator entity to adapt to new rules. There’s always cost associated – even just programmatic costs. Regulating security can sometimes feel awkward, but let’s not forget that governments are trying to incentivize the adoption of good, secure practices that are in everyone’s interest. We all want safe, secure drinking water. We all want the lights to stay on and the gas to flow. But it does take some effort to understand what the current state is and to implement measures and controls that can help address and mitigate some of those security risks.

The AWWA has put together summary information and guidance. CISA also has guidance, in addition to what the EPA is putting out. I think one good thing about the EPA guidance for water utilities is that it is very much a risk-based approach. Operators generally know what their risks are. They’re the ones best situated to assess the specific facts and circumstances that affect their operations.

Need help? We created a cybersecurity toolkit.

Read our cybersecurity toolkit for water utililities, which is packed full of information for assessing your risks. It includes both online and downloadable resources for water utilities like free cyberassessment programs and grants you can apply for to improve your security.

One of the reasons we think that a risk-based assessment approach is so important is because operations, technology, and security risks evolve. Regularly reassessing your risk is very important in order to keep up with the changing operational and threat landscape. Regardless of the status of the regulations, AWS supports water utilities in aligning their security with the guidance set by the AWWA, EPA, and CISA.

What is a basic example of how the cloud is better than on-premises software that anyone working at a utility would immediately understand?

Patch management is a good example. When you’re managing installed desktop software on-premises, you’re responsible for implementing software patches. It’s ever-present, something you must keep up with. It can take a lot of time to download patches and install them on individual systems. Using cloud patch management, patching can be set up in a much more streamlined, automated manner. It can become part of the automated workflow. This can save a lot of time and effort.

Some software providers who don’t have mechanisms to support customer patch updating struggle to keep patching timely. That’s just something you don’t have to worry about with the cloud.

That’s an excellent point. We’re always trying to find ways to encourage our customers, particularly those who have been using our legacy desktop software products for a decade or more, to update to the latest versions. But with our SaaS, web-based Info360 applications, which are hosted in the cloud, we simply don’t have to do that. Updates are automatic. Our desktop InfoWorks WS Pro and InfoWorks ICM users can also now run simulations in the cloud using a newer version of the app with cloud support. That’s yet another constituency of our users who won’t have to update their apps.

I think that’s a good example of how shared responsibility works. You’re not alone in that effort any longer. One of the great things about this is that what you hand to the cloud service provider tends to be more undifferentiated work – maintaining infrastructure, maintaining servers, things like that. By sharing that work with a cloud service provider, you can then focus on the work that makes a difference to your business and to your customers.

Our head of water products and engineering Rick Gruenhagen has said, “From our perspective, the security of cloud-based systems is something that’s a solved problem – solved, because we have so many other industries building services in the cloud.” Some industries face much stricter regulation than the water industry. Should water utilities take comfort in that already trodden path?

In the past two years, we have seen more industry leaders like Autodesk innovating using cloud technology to deliver Software-as-a-Service (SaaS) solutions. And I think this is something that water utilities have going in their favor. In some ways, the road has already been paved by other industries.

One that is top of my mind for me when it comes to dealing with a lot of data is Financial Industry Regulatory Authority weather (FINRA), who are responsible for monitoring all market trades in the US every day for fraud. They must process an average of 37 billion records in their day-to-day workings. It used to take them three to four weeks to bring on and harden a new server for their resources. When they moved to a cloud solution, that switched to about three to four minutes. They no longer need to build out a huge on-premises infrastructure to meet their peak needs. The value of that for them is that they’re able to be nimble, spinning up the resources they need and spinning them down when they’re done.

When thinking about utilities and operations, a gas provider in the UK, SGN, comes to mind. They are in a very heavily regulated environment. When they started to consider cloud migration, they saw an opportunity to build compliance reporting directly into their deployments.

So perhaps an added benefit for water utilities is that they can tackle not just cybersecurity with the right solution but also compliance?

Security and compliance go hand in hand. Security is implementing controls and compliance is demonstrating that they’re there. I know from my own experience working in the electrical sector that reporting, and producing compliance documentation can be manual and time consuming. It can be costly, so using cloud solutions to build in reporting mechanisms can make a big difference in streamlining how you’re demonstrating compliance. It’s obviously going to be specific to your own regulatory structure as a water provider, but because of the ability to log and monitor in an automated way, there is more opportunity to be able to streamline that reporting.

The AWWA and EPA guidance is closely aligned with the NIST Cyber Security Framework, which is a well-established framework and a good model to begin considering as a structure to security controls. AWS has a number of resources that map to NIST controls.

There are over 148,000 water utilities in the US, and many struggle to increase their funding to implement new technologies. Is adding cybersecurity to their list of responsibilities a burden that will cost them more money or an opportunity for them to get more value for their tech dollar by investing in software that alleviates cybersecurity concerns?

We talk a lot about this at Amazon. Innovation brings many entities to the cloud, but sometimes cost savings actually provide a greater appeal. In addition to unlocking historically siloed data, water utilities are realizing that the total cost of ownership for IT operations are reduced by working in cloud environments. Simply put, there is a lot of opportunity for cost savings in cloud deployments.

Taking advantage of that can be quite advantageous for your customers because AWS invests more in their security measures and policing and monitoring than almost any company could do on their own, so our customers – and by extension your customers – get the benefit of that built-in security and ongoing monitoring.

But I like to remind people that cloud adoption is a journey. It’s important to be thoughtful and understand what your business objectives are, what your security requirements are, and look into the information and resources available. Educational information and training about cloud technology is available for free. To help utilities understand that potential, we published a guide for water professionals with Bluefield Research specifically on Securing Water Utilities with AWS.

Lastly, an observation that keeps me up at night. I feel like smaller rural water utilities in the US are prime targets for hacking and ransomware style attacks. They struggle with limited resources and may rely on outdated or problematic workflows. I’m thinking of things like passing Excel spreadsheets among multiple third parties with those same documents making countless trips through multiple computer systems. To me, SaaS and the cloud helps solve that problem by both eliminating the need to share over unsecure networks and by providing a digital trail of evidence for what is shared.

I share that observation. The smaller utilities that I’ve worked with, whether it’s electric, water, or gas, have been doing things very well for a very long time – on tight budgets – and the growing recognition about cybersecurity risks are straining resources. Cybersecurity is a lot to wrap their arms around, but there are great resources out there that a utility provider can turn to. The water trade associations such as American Water Works Association have valuable resources on security. As well, the current software providers that utilities rely on for on-premises solutions are a resource.

It’s worth it for water utilities to ask those providers, “Do you offer secure, cloud-based solutions – or do you have a roadmap for that in the future?” If not, what can you do now to help me understand both my software-based vulnerabilities and my operational vulnerabilities?

Further reading: How other utilities are adopting the cloud for cybersecurity

Fill up on more of the One Water blog

Sign up for the One Water Blog newsletter, and we'll keep you updated about our top stories, along with the best content we find online. We only send out a newsletter when we have something interesting to share.

______
icon-svg-close-thick

Cookie preferences

Your privacy is important to us and so is an optimal experience. To help us customize information and build applications, we collect data about your use of this site.

May we collect and use your data?

Learn more about the Third Party Services we use and our Privacy Statement.

Strictly necessary – required for our site to work and to provide services to you

These cookies allow us to record your preferences or login information, respond to your requests or fulfill items in your shopping cart.

Improve your experience – allows us to show you what is relevant to you

These cookies enable us to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we use to deliver information and experiences tailored to you. If you do not allow these cookies, some or all of these services may not be available for you.

Customize your advertising – permits us to offer targeted advertising to you

These cookies collect data about you based on your activities and interests in order to show you relevant ads and to track effectiveness. By collecting this data, the ads you see will be more tailored to your interests. If you do not allow these cookies, you will experience less targeted advertising.

icon-svg-close-thick

THIRD PARTY SERVICES

Learn more about the Third-Party Services we use in each category, and how we use the data we collect from you online.

icon-svg-hide-thick

icon-svg-show-thick

Strictly necessary – required for our site to work and to provide services to you

Qualtrics
We use Qualtrics to let you give us feedback via surveys or online forms. You may be randomly selected to participate in a survey, or you can actively decide to give us feedback. We collect data to better understand what actions you took before filling out a survey. This helps us troubleshoot issues you may have experienced. Qualtrics Privacy Policy
Akamai mPulse
We use Akamai mPulse to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Akamai mPulse Privacy Policy
Digital River
We use Digital River to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Digital River Privacy Policy
Dynatrace
We use Dynatrace to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Dynatrace Privacy Policy
Khoros
We use Khoros to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Khoros Privacy Policy
Launch Darkly
We use Launch Darkly to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Launch Darkly Privacy Policy
New Relic
We use New Relic to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. New Relic Privacy Policy
Salesforce Live Agent
We use Salesforce Live Agent to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Salesforce Live Agent Privacy Policy
Wistia
We use Wistia to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Wistia Privacy Policy
Tealium
We use Tealium to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Tealium Privacy Policy
Upsellit
We use Upsellit to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Upsellit Privacy Policy
CJ Affiliates
We use CJ Affiliates to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. CJ Affiliates Privacy Policy
Commission Factory
We use Commission Factory to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Commission Factory Privacy Policy
Google Analytics (Strictly Necessary)
We use Google Analytics (Strictly Necessary) to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Google Analytics (Strictly Necessary) Privacy Policy
Typepad Stats
We use Typepad Stats to collect data about your behaviour on our sites. This may include pages you’ve visited. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our platform to provide the most relevant content. This allows us to enhance your overall user experience. Typepad Stats Privacy Policy
Geo Targetly
We use Geo Targetly to direct website visitors to the most appropriate web page and/or serve tailored content based on their location. Geo Targetly uses the IP address of a website visitor to determine the approximate location of the visitor’s device. This helps ensure that the visitor views content in their (most likely) local language.Geo Targetly Privacy Policy
SpeedCurve
We use SpeedCurve to monitor and measure the performance of your website experience by measuring web page load times as well as the responsiveness of subsequent elements such as images, scripts, and text.SpeedCurve Privacy Policy
Qualified
Qualified is the Autodesk Live Chat agent platform. This platform provides services to allow our customers to communicate in real-time with Autodesk support. We may collect unique ID for specific browser sessions during a chat. Qualified Privacy Policy

icon-svg-hide-thick

icon-svg-show-thick

Improve your experience – allows us to show you what is relevant to you

Google Optimize
We use Google Optimize to test new features on our sites and customize your experience of these features. To do this, we collect behavioral data while you’re on our sites. This data may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, your Autodesk ID, and others. You may experience a different version of our sites based on feature testing, or view personalized content based on your visitor attributes. Google Optimize Privacy Policy
ClickTale
We use ClickTale to better understand where you may encounter difficulties with our sites. We use session recording to help us see how you interact with our sites, including any elements on our pages. Your Personally Identifiable Information is masked and is not collected. ClickTale Privacy Policy
OneSignal
We use OneSignal to deploy digital advertising on sites supported by OneSignal. Ads are based on both OneSignal data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that OneSignal has collected from you. We use the data that we provide to OneSignal to better customize your digital advertising experience and present you with more relevant ads. OneSignal Privacy Policy
Optimizely
We use Optimizely to test new features on our sites and customize your experience of these features. To do this, we collect behavioral data while you’re on our sites. This data may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, your Autodesk ID, and others. You may experience a different version of our sites based on feature testing, or view personalized content based on your visitor attributes. Optimizely Privacy Policy
Amplitude
We use Amplitude to test new features on our sites and customize your experience of these features. To do this, we collect behavioral data while you’re on our sites. This data may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, your Autodesk ID, and others. You may experience a different version of our sites based on feature testing, or view personalized content based on your visitor attributes. Amplitude Privacy Policy
Snowplow
We use Snowplow to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Snowplow Privacy Policy
UserVoice
We use UserVoice to collect data about your behaviour on our sites. This may include pages you’ve visited. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our platform to provide the most relevant content. This allows us to enhance your overall user experience. UserVoice Privacy Policy
Clearbit
Clearbit allows real-time data enrichment to provide a personalized and relevant experience to our customers. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID.Clearbit Privacy Policy
YouTube
YouTube is a video sharing platform which allows users to view and share embedded videos on our websites. YouTube provides viewership metrics on video performance. YouTube Privacy Policy

icon-svg-hide-thick

icon-svg-show-thick

Customize your advertising – permits us to offer targeted advertising to you

Adobe Analytics
We use Adobe Analytics to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, and your Autodesk ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Adobe Analytics Privacy Policy
Google Analytics (Web Analytics)
We use Google Analytics (Web Analytics) to collect data about your behavior on our sites. This may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. We use this data to measure our site performance and evaluate the ease of your online experience, so we can enhance our features. We also use advanced analytics methods to optimize your experience with email, customer support, and sales. Google Analytics (Web Analytics) Privacy Policy
AdWords
We use AdWords to deploy digital advertising on sites supported by AdWords. Ads are based on both AdWords data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that AdWords has collected from you. We use the data that we provide to AdWords to better customize your digital advertising experience and present you with more relevant ads. AdWords Privacy Policy
Marketo
We use Marketo to send you more timely and relevant email content. To do this, we collect data about your online behavior and your interaction with the emails we send. Data collected may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, email open rates, links clicked, and others. We may combine this data with data collected from other sources to offer you improved sales or customer service experiences, as well as more relevant content based on advanced analytics processing. Marketo Privacy Policy
Doubleclick
We use Doubleclick to deploy digital advertising on sites supported by Doubleclick. Ads are based on both Doubleclick data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Doubleclick has collected from you. We use the data that we provide to Doubleclick to better customize your digital advertising experience and present you with more relevant ads. Doubleclick Privacy Policy
HubSpot
We use HubSpot to send you more timely and relevant email content. To do this, we collect data about your online behavior and your interaction with the emails we send. Data collected may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, email open rates, links clicked, and others. HubSpot Privacy Policy
Twitter
We use Twitter to deploy digital advertising on sites supported by Twitter. Ads are based on both Twitter data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Twitter has collected from you. We use the data that we provide to Twitter to better customize your digital advertising experience and present you with more relevant ads. Twitter Privacy Policy
Facebook
We use Facebook to deploy digital advertising on sites supported by Facebook. Ads are based on both Facebook data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Facebook has collected from you. We use the data that we provide to Facebook to better customize your digital advertising experience and present you with more relevant ads. Facebook Privacy Policy
LinkedIn
We use LinkedIn to deploy digital advertising on sites supported by LinkedIn. Ads are based on both LinkedIn data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that LinkedIn has collected from you. We use the data that we provide to LinkedIn to better customize your digital advertising experience and present you with more relevant ads. LinkedIn Privacy Policy
Yahoo! Japan
We use Yahoo! Japan to deploy digital advertising on sites supported by Yahoo! Japan. Ads are based on both Yahoo! Japan data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Yahoo! Japan has collected from you. We use the data that we provide to Yahoo! Japan to better customize your digital advertising experience and present you with more relevant ads. Yahoo! Japan Privacy Policy
Naver
We use Naver to deploy digital advertising on sites supported by Naver. Ads are based on both Naver data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Naver has collected from you. We use the data that we provide to Naver to better customize your digital advertising experience and present you with more relevant ads. Naver Privacy Policy
Quantcast
We use Quantcast to deploy digital advertising on sites supported by Quantcast. Ads are based on both Quantcast data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Quantcast has collected from you. We use the data that we provide to Quantcast to better customize your digital advertising experience and present you with more relevant ads. Quantcast Privacy Policy
Call Tracking
We use Call Tracking to provide customized phone numbers for our campaigns. This gives you faster access to our agents and helps us more accurately evaluate our performance. We may collect data about your behavior on our sites based on the phone number provided. Call Tracking Privacy Policy
Wunderkind
We use Wunderkind to deploy digital advertising on sites supported by Wunderkind. Ads are based on both Wunderkind data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Wunderkind has collected from you. We use the data that we provide to Wunderkind to better customize your digital advertising experience and present you with more relevant ads. Wunderkind Privacy Policy
ADC Media
We use ADC Media to deploy digital advertising on sites supported by ADC Media. Ads are based on both ADC Media data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that ADC Media has collected from you. We use the data that we provide to ADC Media to better customize your digital advertising experience and present you with more relevant ads. ADC Media Privacy Policy
AgrantSEM
We use AgrantSEM to deploy digital advertising on sites supported by AgrantSEM. Ads are based on both AgrantSEM data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that AgrantSEM has collected from you. We use the data that we provide to AgrantSEM to better customize your digital advertising experience and present you with more relevant ads. AgrantSEM Privacy Policy
Bidtellect
We use Bidtellect to deploy digital advertising on sites supported by Bidtellect. Ads are based on both Bidtellect data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Bidtellect has collected from you. We use the data that we provide to Bidtellect to better customize your digital advertising experience and present you with more relevant ads. Bidtellect Privacy Policy
Bing
We use Bing to deploy digital advertising on sites supported by Bing. Ads are based on both Bing data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Bing has collected from you. We use the data that we provide to Bing to better customize your digital advertising experience and present you with more relevant ads. Bing Privacy Policy
G2Crowd
We use G2Crowd to deploy digital advertising on sites supported by G2Crowd. Ads are based on both G2Crowd data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that G2Crowd has collected from you. We use the data that we provide to G2Crowd to better customize your digital advertising experience and present you with more relevant ads. G2Crowd Privacy Policy
NMPI Display
We use NMPI Display to deploy digital advertising on sites supported by NMPI Display. Ads are based on both NMPI Display data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that NMPI Display has collected from you. We use the data that we provide to NMPI Display to better customize your digital advertising experience and present you with more relevant ads. NMPI Display Privacy Policy
VK
We use VK to deploy digital advertising on sites supported by VK. Ads are based on both VK data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that VK has collected from you. We use the data that we provide to VK to better customize your digital advertising experience and present you with more relevant ads. VK Privacy Policy
Adobe Target
We use Adobe Target to test new features on our sites and customize your experience of these features. To do this, we collect behavioral data while you’re on our sites. This data may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, your IP address or device ID, your Autodesk ID, and others. You may experience a different version of our sites based on feature testing, or view personalized content based on your visitor attributes. Adobe Target Privacy Policy
Google Analytics (Advertising)
We use Google Analytics (Advertising) to deploy digital advertising on sites supported by Google Analytics (Advertising). Ads are based on both Google Analytics (Advertising) data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Google Analytics (Advertising) has collected from you. We use the data that we provide to Google Analytics (Advertising) to better customize your digital advertising experience and present you with more relevant ads. Google Analytics (Advertising) Privacy Policy
Trendkite
We use Trendkite to deploy digital advertising on sites supported by Trendkite. Ads are based on both Trendkite data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Trendkite has collected from you. We use the data that we provide to Trendkite to better customize your digital advertising experience and present you with more relevant ads. Trendkite Privacy Policy
Hotjar
We use Hotjar to deploy digital advertising on sites supported by Hotjar. Ads are based on both Hotjar data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Hotjar has collected from you. We use the data that we provide to Hotjar to better customize your digital advertising experience and present you with more relevant ads. Hotjar Privacy Policy
6 Sense
We use 6 Sense to deploy digital advertising on sites supported by 6 Sense. Ads are based on both 6 Sense data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that 6 Sense has collected from you. We use the data that we provide to 6 Sense to better customize your digital advertising experience and present you with more relevant ads. 6 Sense Privacy Policy
Terminus
We use Terminus to deploy digital advertising on sites supported by Terminus. Ads are based on both Terminus data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that Terminus has collected from you. We use the data that we provide to Terminus to better customize your digital advertising experience and present you with more relevant ads. Terminus Privacy Policy
StackAdapt
We use StackAdapt to deploy digital advertising on sites supported by StackAdapt. Ads are based on both StackAdapt data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that StackAdapt has collected from you. We use the data that we provide to StackAdapt to better customize your digital advertising experience and present you with more relevant ads. StackAdapt Privacy Policy
The Trade Desk
We use The Trade Desk to deploy digital advertising on sites supported by The Trade Desk. Ads are based on both The Trade Desk data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that The Trade Desk has collected from you. We use the data that we provide to The Trade Desk to better customize your digital advertising experience and present you with more relevant ads. The Trade Desk Privacy Policy
RollWorks
We use RollWorks to deploy digital advertising on sites supported by RollWorks. Ads are based on both RollWorks data and behavioral data that we collect while you’re on our sites. The data we collect may include pages you’ve visited, trials you’ve initiated, videos you’ve played, purchases you’ve made, and your IP address or device ID. This information may be combined with data that RollWorks has collected from you. We use the data that we provide to RollWorks to better customize your digital advertising experience and present you with more relevant ads. RollWorks Privacy Policy

Are you sure you want a less customized experience?

We can access your data only if you select "yes" for the categories on the previous screen. This lets us tailor our marketing so that it's more relevant for you. You can change your settings at any time by visiting our privacy statement

Your experience. Your choice.

We care about your privacy. The data we collect helps us understand how you use our products, what information you might be interested in, and what we can improve to make your engagement with Autodesk more rewarding.

May we collect and use your data to tailor your experience?

Explore the benefits of a customized experience by managing your privacy settings for this site or visit our Privacy Statement to learn more about your options.