SecurityWeek

How to Address the Surging Need for Secure Remote Access to OT Networks

Strategies for Evaluating Secure Remote Access Solutions for OT/ICS Networks

Over the past decade, the number of employees in the U.S. working from home half-time or more has risen to an estimated five million, according to Global Workplace Analytics. However, those numbers now pale in comparison to today’s reality of businesses everywhere encouraging as many workers as possible to work from home. 

As the size of the remote workforce surges, network administrators of operational technology (OT) networks find themselves on the front lines of enablement. They need to provide online connectivity to users who typically access industrial control systems physically, while remaining confident that security isn’t compromised. The task is significant as every company in the world relies on these networks. For nearly half of the Fortune 2000 – in industries including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage – these networks are critical components of their business, while the rest rely on OT networks to run their office infrastructure: lights, elevators, and datacenter infrastructure.

Who are the users who need remote access to OT environments and why? They generally fall into the following categories:

• Equipment manufacturers – In most cases, at the time of purchase, the industrial control systems that comprise these networks include a contract for remote maintenance by the manufacturers themselves. Network administrators are accustomed to supporting these users to service existing machinery, including providing updates, error fixing and performance readings, so this is not a new requirement.

• Remote workers – However, the challenge escalates when you look at this group of users. In today’s business climate this could mean providing any employee who previously worked onsite, but is now working outside the facility, with online access so they can continue to do their jobs, for example making changes to production lines and manufacturing processes.

• Third-party contractors – Finally, many businesses outsource services to companies that specialize in specific operational areas, such as production optimization. Contractors who previously provided these services physically now need remote access to relevant equipment to support their contract and keep production lines running smoothly. These services can become even more mission critical during times of disruption, depending on the industry and products and services provided.

Allowing for various types of users, systems, access levels, and functions is a complex connectivity challenge. Yet, standard access paths provided by the IT department often don’t match the specific use cases we see in the OT environment. 

In times like these, where every organization is reducing staff on site, the need for secure remote access is increased. Whether your company is assessing your existing capability to provide secure connectivity to your OT environment and assets, or considering new solutions, these three questions can help guide your evaluation:

1. Do you have granular privileged access control? A maintenance person from a manufacturer of a control system, for example, likely only needs to access a specific controller for a specific task for a limited time. To mitigate risk, you need to be able to extend access for that specific user only to necessary assets for a set time window with a few simple clicks.

2. Can you proactively monitor, prevent, and audit access? You need visibility and control over third-party and employee access before, during, and after a remote session takes place. This includes the ability to observe activity in real time and terminate the session if needed, as well as view recordings in retrospect for auditing and forensic purposes.

3. Are workflows and processes secure? Instead of relying on third parties for password hygiene, many of whom share passwords among multiple individuals, you need the ability to centrally manage user credentials with a password vault and validate each user with multi-factor authentication. Additionally, many times the nature of the work involves installing a new file. To ensure file integrity you also need to provide secure file transfer.
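
To make the first three questions concrete, here is an added sketch (not code from the article or from any product) of a default-deny access decision: a session is allowed only when the individual user has completed multi-factor authentication and holds a grant for that exact asset inside its time window, and every decision is written to an audit trail. The `Grant` and `Request` records, the user and asset names, and the date are hypothetical, constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Grant:                 # hypothetical record: one user, one asset, one window
    user: str
    asset: str
    not_before: datetime
    not_after: datetime

@dataclass(frozen=True)
class Request:
    user: str
    asset: str
    at: datetime
    mfa_verified: bool

def decide(grants, req, audit):
    """Default-deny: allow only with MFA and a grant matching user, asset and time."""
    verdict, reason = "deny", "no_grant"
    if not req.mfa_verified:
        reason = "mfa_missing"
    else:
        for g in grants:
            if (g.user, g.asset) != (req.user, req.asset):
                continue
            if g.not_before <= req.at < g.not_after:
                verdict, reason = "allow", "grant_active"
                break
            reason = "outside_window"
    # Record every decision, allowed or denied, so access can be audited later.
    audit.append({"time": req.at.isoformat(), "user": req.user,
                  "asset": req.asset, "verdict": verdict, "reason": reason})
    return verdict == "allow"

def ts(hour):                # constructed sample date, UTC
    return datetime(2024, 1, 15, hour, tzinfo=timezone.utc)

# Constructed sample: a vendor technician may reach one PLC for four hours.
GRANTS = [Grant("vendor.tech1", "plc-line3", ts(8), ts(12))]

def run_sample():
    audit = []
    requests = [
        Request("vendor.tech1", "plc-line3", ts(9), True),    # in scope, in window
        Request("vendor.tech1", "plc-line4", ts(9), True),    # asset not granted
        Request("vendor.tech1", "plc-line3", ts(13), True),   # window has closed
        Request("vendor.tech1", "plc-line3", ts(9), False),   # MFA not completed
        Request("contractor.a", "plc-line3", ts(9), True),    # user has no grant
    ]
    return [decide(GRANTS, r, audit) for r in requests], audit
```

Only the first request is allowed; the denied attempts still appear in the audit list with the reason, which is the record a reviewer would use after the session.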

Remote access can increase your level of exposure and jeopardize maintenance and production. Thankfully, by ensuring you have granularity of control, the ability to audit access, and additional levels of security, such as password vaulting and secure file transfer, you can mitigate that risk. Importantly, you also give those on the front lines – network administrators of OT networks – confidence in their ability to address the surge in requests for greater connectivity to these critical environments, without compromising security.

Written By

Galina Antova is the Co-founder and Chief Business Development Officer at Claroty. Prior to that, she was the Global Head of Industrial Security Services at Siemens, overseeing development of its services that protect industrial customers against cyber-attacks. She was also responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services for industrial control systems operators. Previously, Ms. Antova was with IBM Canada, with roles in the Provisioning and Cloud Solutions business. She holds a BS in Computer Science from York University in Toronto, and an MBA from the International Institute of Management and Development (IMD) in Lausanne, Switzerland.
