Five steps to better industrial security – Part One
Richard Mayr, COPA-DATA
According to the Global State of Information Security Survey 2016, 38% more security incidents were detected in 2015 than in the previous year. As a result, industrial businesses across the world are implementing new strategies to improve security. Reassuringly, 91% of survey respondents have a risk-based security framework in place, but the most cited source of compromise still lies with employees. Rather than jumping to the conclusion that these compromises are intentional, consider how much the typical employee actually knows about keeping your system safe.
Here, Reinhard Mayr, product manager at industrial automation software specialist COPA-DATA, discusses the five vital steps any manufacturer can take to improve the security of connected automated systems.
1. Assess existing systems to identify potential threats
For most automated systems, an integrated user administration service is used to protect information and stop unauthorised personnel from gaining access. However, for the added security necessary in today’s facilities, COPA-DATA recommends encrypting all data that is transmitted over networks to other stations and companies. When the information reaches the receiving end, digital certificates can be implemented to assure the recipient that the information is legitimate and hasn’t been tampered with during transmission.
However, for automated SCADA systems, encrypting data can be a disadvantage to productivity. Transmission of encrypted data can only be done over a high-performance network, lengthening the process for standard users. Also, for bigger facilities using more than one system, the level of encryption needs to be consistent. If one system is working at a lower level, then money and resources are being wasted encrypting more extensively across other networks.
SCADA engineers need to identify the security risks in their application and pinpoint what data needs to be protected. For example, if employee training records were to be accessed, the consequences wouldn’t be as drastic as if, say, more private product specification documents were compromised instead.
It’s logical to assume that many companies have confidential product information stored on their network. The last thing they would want is for this private data to be made available to competitors and the wider audience, or, worse, destroyed, as it could mean losing years of research and significant product advantages just because of one security flaw.
2. Set up a SCADA security system
Trends like Industrie 4.0, smart grids and smart factories are all opening systems up to security risks. Previously, manufacturing and IT departments had isolated systems, but increased connectivity is bringing the two together. It is almost impossible to share information over a network and not risk unauthorised personnel gaining access. However, industrial automation software, such as COPA-DATA’s zenon, has the ability to encrypt data across the network and provides centralised user administration, so obstructions are in place to stop breaches.
The ability to set parameters is one of the most significant features that zenon provides to strengthen industrial security. Standard products, firewalls and interfaces that open communication ports are usually not configured, meaning intruders can see which doors are open. zenon fits into local settings, meaning the open ports aren’t as easily identified. Think of it as zenon camouflaging your system’s weakest points.