Secure, remote industrial access

How can remote access be granted to industrial facilities without increasing cybersecurity risks? Hardware, software and services are helping resolve the secure remote access challenges for manufacturers.

By Jacob Chapman February 7, 2021

 

Learning Objectives

  • Use remote access designs that enable flexibility, scalability.  
  • Consider cybersecurity testing and proof of concept for remote access. 
  • Avoid complex technical implementation or management requirements. 

Cybersecurity threats – including ransomware attacks, espionage and data theft – continue to increase and pose challenges for manufacturing and industrial control system (ICS) and other networks. Manufacturers must continually evaluate and enhance network security to prevent malicious intrusion.

The COVID-19 pandemic adds the additional constraint of limiting physical access to facilities, which puts further pressure on network security personnel, engineering and maintenance staff, and outside vendors to remotely keep the ICS systems up and running without sacrificing security.

Implementing a combination of hardware, software, and services can provide stability during the uncertainty of COVID-19. A small industrial PC (DIN-rail mount form factor) with a cellular connection capabilities can power up and connect to an Ethernet switch anywhere on an operational technology (OT) network. The device can be disconnected when the issue is resolved.

Remote access designs for flexibility, scalability

Trusted software, hardware and service and support combine to enable remote access, in greater demand during COVID-19, without sacrificing security. The platform uses enterprise-wide technology common in the utility sector. After normal operations return, the device can be used for long-term, multi-facility implementation. During an emergency, remote access can allow a vendor to securely gain remote access.

With a flexible and scalable remote access architecture, manufacturers can give maintenance, original equipment manufacturers (OEMs) and commissioning resources can approach access in a “start small, test and scale up” fashion.

Cybersecurity remote access testing, proof of concept

In many cases, an organization may begin with one device as a proof of concept so that up-front capital commitment is minimal, and the user experience can be tested. Users can even test the product on real-world activities, such as remotely commissioning a device during COVID-19 or providing a vendor remote access to a system during a downtime event. After testing and feedback from users and stakeholders, a broader deployment can be made based on how many devices would be useful across the organization, and migrating development applications into the cloud based on systems to be connected.

No technical implementation or management requirements

To further simplify the process, this secure remote access solution is provided as a managed appliance, meaning the units received by the customer are pre-installed and pre-configured. Any changes or modifications that need to be made over time do not need to be done by the customer. This includes managing users, access privileges, cellular plan management and other tasks. In this way, technical deployment and management labor from the customer is nearly eliminated.

Through a flexible, scalable model, and reduced customer management, a remote access device helps customers focus on the operations that matter to them, rather than implementing and managing the technology for them to do so.

Jacob Chapman, director of industrial IT and cybersecurity at Grantek. Edited by Mark T. Hoske, content manager, Control Engineering, CFE Media and Technology, mhoske@cfemedia.com.

KEYWORDS: Automation implementation advice, remote access, cybersecurity

CONSIDER THIS 

Is cybersecurity and complexity among increasing concern for remote access?


Author Bio: Jacob Chapman has a background in automation engineering, project management, account management, industrial networking, and ICS cybersecurity within the food and beverage, pharmaceutical, and energy generation sectors, among others. Jacob currently leads the industrial IT and cybersecurity solutions and services at Grantek, which help manufacturers develop their facility infrastructures, including their industrial network architectures, local and cloud computing systems, and cybersecurity programs. As Grantek’s leader in the space, Jacob maintains involvement and leadership positions in international societies and standard bodies - including the Cybersecurity Committee Chair of ISA’s Smart Manufacturing & IIoT Division, a Registered U.S. Expert to TC65 of the IEC, member of Manufacturing Enterprise Solutions Association's Cybersecurity Workgroup, and a member of the ISA99 standards development committee.