Your customer may work in a regulated industry such as aerospace, defense, or federal contracting. To comply with strict government regulations—like ITAR (International Traffic in Arms Regulations)—they must protect certain technical data and sensitive information when working with suppliers.
Rather than sharing ITAR-regulated documents directly through SourceDay, your customer uses a secure documentation link strategy. This means technical documents are stored in a separate, compliant system, and you’ll receive a secure link to access them via your purchase order in SourceDay.
Why this matters
ITAR regulations prohibit unauthorized sharing of controlled technical data, including engineering drawings, specs, and defense-related product information. These rules apply to both U.S. and foreign companies working with ITAR-regulated customers.
Because SourceDay is not ITAR-certified and does not store sensitive documents, we helps customers meet compliance requirements by:
- Allowing secure links to externally hosted documents
- Ensuring that regulated data is never uploaded directly to SourceDay
- Keeping collaboration centralized while maintaining strict data security
This setup protects both the buying organization and you as a supplier.
What this means for you
If your customer collaborates with you under ITAR compliance:
- You may see a document url in the PO line or header or on the dashboard
- This link takes you to a file stored in a secure, customer-managed document management system (such as SharePoint, Box, or another secure platform)
- You will only be able to access the file if the customer has granted you the proper permissions
- You may only see generic Item P/N and descriptions in SourceDay
SourceDay does not host the file itself, but simply displays the url for easy access in the PO dashboard.
How to access secure documents
- Log into SourceDay and open the purchase order from your customer
- Look for a document url in the PO header or specific PO line
- you may need to add the columns to your dashboard
- Learn more about adding columns
- Copy & paste the url into a secure browser
- If prompted to log in or enter a password:
- Use the credentials or access method your customer provided
- If you do not have access, contact the buyer directly to request permission
🔐 Important: If the url doesn’t work or you are denied access, this is not an issue with SourceDay. The buyer controls document access on their system.
Tips for working with secure document links
- Always check your PO dashboard for important links or instructions
- Do not forward links to unauthorized individuals
- Store login credentials securely if you’ve been granted access to the buyer’s system
- If you have questions about a document or can’t access it, contact your customer’s buyer or account manager directly
- Use SourceDay’s messaging tools to leave comments or questions within the PO workflow if needed
What SourceDay does (and doesn’t do)
| SourceDay Does | SourceDay Does Not |
|---|---|
| Display secure links to external documents | Store or host ITAR-regulated files |
| Help buyers and suppliers collaborate | Grant or control access to linked documents |
| Keep PO-level collaboration centralized | Validate or enforce ITAR/CUI compliance |
Questions?
If you're unsure how to access a document or believe you're missing a file link, reach out to the buyer listed on the PO. For questions about using the SourceDay platform, contact SourceDay Support at support@sourceday.com.