Industrial manufacturing organizations have faced several challenges in the last few years. Perhaps the biggest change has been the need for personnel to perform critical tasks from outside the plant. This move toward more remote work has likely spurred more recent innovation and adoption than any other. Alexandre Peixoto, Emerson’s DeltaV™ product manager for cybersecurity, recently published an article with Efficient Plant magazine examining these new remote solutions and exploring three critical elements organizations should keep in mind to ensure they are delivering cybersecurity along with connectivity.
Fast but secure Many remote access strategies are deployed in response to an immediate need. Often, this does not leave organizations time to properly collaborate between IT and OT to properly support business continuity. Alexandre explains,
When IT and OT teams have time to work together to properly develop plans, the departments can reduce potential cybersecurity risks and better enable an operator’s ability to perform effectively.
When any remote connectivity solution is put in place, OT and IT teams should create documented policies and procedures that clearly identify how, when, and with what technology remote connections should be used. User-friendly Remote connectivity options work best when the users clearly understand how to use them. When solutions are designed to be simple but secure,
operators will be better positioned to help maintain plant cybersecurity.
It is also important to remember that users do not always need the same level of access off site as they would while on site. The more limited a remote user account’s options, the less damage can result if that account should be compromised. Alexandre offers a common example of how plants restrict user access to enforce security,
Control systems can be locked to prevent configuration changes without local system interaction…A system change would always need to go through a two-step approach: a remote offline change that is not immediately downloaded followed by an unlock sequence and download…performed by an in-plant person.
Building for security Many organizations are looking toward automation system upgrades to improve remote operations. New automation systems have built-in features that enforce more cybersecurity in remote (as well as local) connections. For example, integrated control and safety systems (ICSS) help reduce the footprint of automation, making it much easier to install and maintain cybersecurity protections for both control and safety functions, while keeping the two logically separate.