Secure, remote industrial access
How can remote access be granted to industrial facilities without increasing cybersecurity risks? Hardware, software and services are helping resolve the secure remote access challenges for manufacturers.
Learning Objectives
- Use remote access designs that enable flexibility, scalability.
- Consider cybersecurity testing and proof of concept for remote access.
- Avoid complex technical implementation or management requirements.
Cybersecurity threats – including ransomware attacks, espionage and data theft – continue to increase and pose challenges for manufacturing and industrial control system (ICS) and other networks. Manufacturers must continually evaluate and enhance network security to prevent malicious intrusion.
The COVID-19 pandemic adds the additional constraint of limiting physical access to facilities, which puts further pressure on network security personnel, engineering and maintenance staff, and outside vendors to remotely keep the ICS systems up and running without sacrificing security.
Implementing a combination of hardware, software, and services can provide stability during the uncertainty of COVID-19. A small industrial PC (DIN-rail mount form factor) with a cellular connection capabilities can power up and connect to an Ethernet switch anywhere on an operational technology (OT) network. The device can be disconnected when the issue is resolved.
Remote access designs for flexibility, scalability
Trusted software, hardware and service and support combine to enable remote access, in greater demand during COVID-19, without sacrificing security. The platform uses enterprise-wide technology common in the utility sector. After normal operations return, the device can be used for long-term, multi-facility implementation. During an emergency, remote access can allow a vendor to securely gain remote access.
With a flexible and scalable remote access architecture, manufacturers can give maintenance, original equipment manufacturers (OEMs) and commissioning resources can approach access in a “start small, test and scale up” fashion.
Cybersecurity remote access testing, proof of concept
In many cases, an organization may begin with one device as a proof of concept so that up-front capital commitment is minimal, and the user experience can be tested. Users can even test the product on real-world activities, such as remotely commissioning a device during COVID-19 or providing a vendor remote access to a system during a downtime event. After testing and feedback from users and stakeholders, a broader deployment can be made based on how many devices would be useful across the organization, and migrating development applications into the cloud based on systems to be connected.
No technical implementation or management requirements
To further simplify the process, this secure remote access solution is provided as a managed appliance, meaning the units received by the customer are pre-installed and pre-configured. Any changes or modifications that need to be made over time do not need to be done by the customer. This includes managing users, access privileges, cellular plan management and other tasks. In this way, technical deployment and management labor from the customer is nearly eliminated.
Through a flexible, scalable model, and reduced customer management, a remote access device helps customers focus on the operations that matter to them, rather than implementing and managing the technology for them to do so.
Jacob Chapman, director of industrial IT and cybersecurity at Grantek. Edited by Mark T. Hoske, content manager, Control Engineering, CFE Media and Technology, mhoske@cfemedia.com.
KEYWORDS: Automation implementation advice, remote access, cybersecurity
CONSIDER THIS
Is cybersecurity and complexity among increasing concern for remote access?
Do you have experience and expertise with the topics mentioned in this content? You should consider contributing to our CFE Media editorial team and getting the recognition you and your company deserve. Click here to start this process.