The line between IT and OT is becoming increasingly blurred as demands for availability increase – this is what is meant by IT and OT convergence. Administering, monitoring, and controlling your OT remotely, or through a 3rd party that supports your environment, is becoming more and more common.
There have been incidents that would have been very dangerous for the public, for example a situation in Florida where a hacker penetrated the system of a water supplier through their remote access, trying to poison the water supply. Fortunately, the attack was noticed in time to stop the hacker from poisoning the public drinking water.
Since the information in OT systems is very important for the company that uses the system, and sometimes even for society, it is essential that these systems are protected.
Secure Remote Access for OT systems
Many organisations depend on remote access, for example to allow suppliers to perform maintenance, or to ensure that operating personnel can monitor and control a system. Secure remote access solves many of the security risks that are otherwise associated with such solutions.
It is very important to be able to manage and monitor systems remotely. General network connections such as IPsec or TLS are sometimes used to connect data networks remotely. In terms of IT security, such connections mean that both systems are exposed to the sum of the threats facing each of them. A common feature of many remote access systems is that they are universal and have adaptations and functions for everything from office work to system administration. This also means that there are risks of both incorrect configuration and implementation bugs.
A jump server is often used as an intermediary. The aim is to limit any undesired traffic from the user’s PC to the target system. The software that the user wants to use is run on the jump server and communicates with the target system via standard protocols. These are some of the risks of such solutions:
- The risk of unauthorised persons using the connection
- The risk of the connection being used at the wrong time
- The risk of the connection being used for the wrong purpose
- The risk of connecting peripheral devices
Remote access can be made secure by using RDP and protecting the jump server with an explicit security solution. SecuriCDS ZoneGuard for RDP is such a solution. Using RDP and protecting communication with ZoneGuard achieves both security and functionality:
- Only authorised users can use the connection at permitted times.
- The connection can only be made to the systems intended.
- No risk of transfer of malicious code at network level.
- No exposure to peripheral devices.
- Traceability: who did what when?
Read more about the solution in our solution description!
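The properties listed above (authorised users, permitted times, intended targets, no peripheral devices, traceability) can also be verified after the fact against a jump server's session records. The following is an added example, not code from this page or from ZoneGuard; the policy table, field names and session records are assumptions constructed for illustration.

```python
from datetime import datetime, time

# Constructed policy: which user may reach which targets, on which weekdays and hours.
POLICY = {
    "vendor-a": {"targets": {"hmi-01"}, "days": {0, 1, 2, 3, 4},
                 "window": (time(8, 0), time(17, 0))},
    "operator-1": {"targets": {"hmi-01", "historian-01"}, "days": set(range(7)),
                   "window": (time(0, 0), time(23, 59, 59))},
}

def check_session(session):
    """Return the list of policy violations for one session record."""
    rule = POLICY.get(session["user"])
    if rule is None:
        return ["unauthorised user"]
    violations = []
    lo, hi = rule["window"]
    for key in ("start", "end"):  # both ends of the session must be inside the window
        ts = datetime.fromisoformat(session[key])
        if ts.weekday() not in rule["days"] or not (lo <= ts.time() <= hi):
            violations.append("outside permitted time")
            break
    if session["target"] not in rule["targets"]:
        violations.append("target not permitted")
    if session.get("redirected_devices"):
        violations.append("peripheral redirection enabled")
    return violations

def audit(sessions):
    """Map session id -> violations, keeping only sessions that break policy."""
    results = {s["id"]: check_session(s) for s in sessions}
    return {sid: v for sid, v in results.items() if v}

# Constructed sample records, in a shape a jump server's session log might export.
SESSIONS = [
    {"id": "s1", "user": "vendor-a", "target": "hmi-01",
     "start": "2024-03-04T09:00:00", "end": "2024-03-04T10:30:00", "redirected_devices": []},
    {"id": "s2", "user": "vendor-a", "target": "historian-01",
     "start": "2024-03-04T22:15:00", "end": "2024-03-04T22:40:00", "redirected_devices": ["usb"]},
    {"id": "s3", "user": "contractor-x", "target": "hmi-01",
     "start": "2024-03-05T11:00:00", "end": "2024-03-05T11:05:00", "redirected_devices": []},
]

if __name__ == "__main__":
    for sid, problems in audit(SESSIONS).items():
        print(sid, problems)
```

The check treats a session as compliant only if both its start and end fall inside the permitted window; a session spanning several days would need each intermediate day checked as well.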
Secure File Import for OT systems
Another security risk for OT systems is transferring files between security domains. This can be a risk to the integrity and confidentiality of the receiving system. Malware in your secret network may exfiltrate information, or perform sabotage by altering information or making it inaccessible through ransomware. To avoid this, it must be ensured that there is no malicious code in the data before it is imported.
The File Security Screener is designed to automatically handle files and security scanning. Only allow-listed file types will be security scanned, sanitised and transferred. The degree of security scanning and sanitation required before importing a file may vary based on the trust of the source network. The File Security Screener can be configured to act differently based on source, trust-levels and many other criteria. The File Security Screener provides an efficient, scalable and trusted solution for secure file import that supports all major antivirus/antimalware software.
Do you need help securing your OT systems? We will help you find a solution!