We’ve identified several challenges when working in external Autodesk Construction Cloud (ACC) portals where our team members are added as collaborators or share data via Bridge. These situations often result in reduced visibility and control over company data, permissions, and intellectual property.
When a Revit model is published, regardless of whether certain elements such as legends, views, or schedules are excluded any user with download rights to the folder containing that published version can still download the source file, which includes all excluded information.
In external portals, where administrative control lies with another organization, this creates significant risk. To maintain control, we would need to negotiate that all versions of our Revot models remain “view only” for any non-EDGE participants. However, this approach is both impractical and unenforceable in real-world collaboration scenarios.
Additionally, it appears that within these external environments, folders may exist that contain our models but to which we have no visibility or permission control. Without a mechanism for the originating account to maintain oversight. ACC’s use as a Common Data Environment (CDE) is undermined by the lack of intellectual property protection.
Below are a few ideas and suggestions that could significantly improve administrative control and data security in these cases.
Admin Visibility into External Projects
When a user from our organization is added to an external ACC project, account administrators currently have no visibility of these connections.
Suggestion: Allow originating account admins to automatically view or report on all external projects their users are participating in. This would support oversight, compliance, and lifecycle management of shared data.
Control Over Data Created on External Portals
When our staff create workshare Revit models on an external portal, that data effectively becomes controlled by the host project’s admins.
Suggestion: Introduce an option for the originating account to retain “ownership” or administrative oversight over any data created by its users, regardless of the hosting account.
Administrative Permissions over Bridged Data
When Revit models are shared through Bridge, the original creator loses admin rights over their data once it enters the external environment.
Suggestion: Allow the originating account to retain administrative permissions over bridged data by default without requiring admin rights within the recipient’s portal.
Restricting Download of Source Files
Currently, users with download permissions on a published model can also download the source Revit file, even if only specific views were published.
Suggestion:
Disable “Download Source File” by default for anyone outside the originating company unless explicitly permitted.
Ensure that any published model available for download only contains the content intentionally published, not the entire model or embedded IP.
Data Lifecycle and Archiving
Once a project is complete or access is removed, there’s limited ability to recover or archive the data that was hosted externally.
Suggestion: Introduce tools or automated workflows that allow the originating account to archive, back up, or retrieve its content at project closeout for projects hosted outside the organization’s own portal.
Regards,
Steven Eadie
BIM Manager | Edge Consulting Engineers
