It’s not a secret. As the number of connected devices in factories grows, the companies are exposed to greater risks. And if this were not enough, these devices usually have different operating systems, some already outdated and without support. What can you do to prevent a cyber attack from stopping production?
A containment plan is very important for companies that want to mitigate the risks of an attack on their machines. In order to do this, segmenting and organizing the network is vital. To accomplish this task, in Sarenet we follow regulations such as IEC62443. It is also crucial to have a backup restoration service that speeds up the recovery of the factory in the case of a hypothetical cyber attack.
These are some of the benefits of having a containment plan:
- Enables dynamic segmentation.
- Prevents an IP threat from spreading through the company’s networks.
- Avoids uncontrolled access.
- Enables data traffic analysis.
- Improves the management of the network.
The organization of the connected devices in the factory must include the separation of these in “islands” that do not communicate with each other, but with a central device. It is also key to install in the DMZ area transition equipment between IT and OT networks, as well as firewalls.
How to mitigate the risks of machine access?
Although it is still common to access the devices locally, usually using a display integrated in the machine itself, it is increasingly common to do so remotely. In both cases it’s very important to track these connections because they access the core of the business. In the first case, it is also important to have a cybersecurity-aware staff. ¡People can be the weakest link in the chain!
When a company accepts a remote action request, the user accesses the corporate network via the perimeter firewall, so the right to access is guaranteed through a protected communication.
Allowing a direct connection between the corporate network and the industrial network, or between them and Internet, is against any good practice.
The following actions should be added to the network segmentation:
- Strong authentication strategies.
- Secure password policy.
- Proper user management and permissions.
Sarenet, as IoT Hub provider, is part of DTAM. This international project aims to advise workers and students on the road to advanced manufacturing by promoting Industry 4.0.