COVID-19 and remote access challenges for manufacturers
With the unprecedented movement toward workers staying away from the office in an effort to help slow the growth of COVID-19 (coronavirus), some companies are stepping up at no cost to help ensure a more secure transition for employers moving toward remote operations.
Bayshore Networks, GE Digital and PC Matic are moving in that direction.
“One of those ways we can help is to offer our remote access solution free for use to industrial and critical infrastructure companies for 90 days as many of us must shelter-in-place, while working from home, hoping to see these measures end sooner than later,” said Toby Weir-Jones, chief product officer at Bayshore Networks.
With more people working from home and remoting into a control system, that could mean additional risks could end up added on top of usual every day perils a manufacturer faces.
In the rush to get everything set up quickly and properly, the idea of network privilege could come into play. In their haste to get everything up, network administrators could have granted these new work-at-home workers greater network access.
With the knowledge home networks are not as secure as a manufacturing company’s network, that could have potential attackers salivating at the prospect.
Free trial for manufacturers
Bayshore is offering its OTaccess to allow for a protected remote access for staffers or contractors to directly connect to OT assets within the production environment. OTaccess does this without enabling any kind of general network access, and provides continuous monitoring of the entire session, end-to-end, enforcing read/read-write/read-write-change permissions for every asset, to every user.
Bayshore said it will be launching its 90-day evaluation offer for OTaccess to anyone who wants to try it out. Manufacturers will be able to configure up to 100 users and 100 protected endpoints, and use those in an unlimited capacity, with no charge for 90 days.
Along the same lines, GE Digital is offering free remote monitoring and control licenses to its iFIX and CIMPLICITY customers, allowing them to work remotely and continue to keep their plants up and running.
The solution gives plant operators and management teams real-time monitoring and control access to plant operations and performance over a secure-by-design connection. The move allows critical infrastructure operations to continue operating with a skeleton crew on site, but still have an eye on operations from those working at home.
The goal behind the offer is to make it easier for mission-critical industries to continue providing vital services to communities.
Whitelist technology for manufacturers
In addition, cybersecurity firm PC Matic said they are offering its suite of enterprise-level cybersecurity and remote-management tools free of charge to companies who are implementing work from home policies in response to the ongoing threats of COVID-19.
The solution, called PC Matic Pro, utilizes the company’s proprietary real-time whitelist technology to block all unwanted and unsafe programs from executing on workstations and affords employers the flexibility to access and manage workstations from a secure cloud-based portal.
The offer is for PC Matic Pro to go to businesses with ten or more remote workstations, and all onboarding and support services will be available at no charge. Businesses who take advantage of this offer will have access to the solution until June 30. This is also available to managed service providers (MSPs) and their customers.
Along the lines of working on a remote basis, switching from the office to home can create cybersecurity problems for employers and employees. Here are some general tips to help guide those working at home:
- Be suspicious of any emails asking people to check or renew their passwords and login credentials
- Suspicious of emails from people you don’t know
- Ensure your Wi-Fi connection is secure
- Ensure anti-virus is in place and fully updated
- Lock your screen if you work in a shared space
- Check if you have encryption tools installed.
Whether a manufacturer takes advantage of the remote operations offers or they decide to do it on their own, the idea is they have to make sure the technology works, and it is secure.
“The lesson we have to learn from this is if we are going to be called upon to periodically work remote in some kind of disaster where you have remote operations, they better be robust they better be resilient, and they better be secure,” said John Cusimano, vice president of cybersecurity at aeSolutions. “If you send everybody home and expect them to work remotely, if that technology doesn’t work, you are in a real mess.”