Month: January 2021

Several industrial enterprises don’t have even a simple security policy jotted down. Begin by creating and enforcing a set of written security policies and procedures for your plant that will summarize who should be able to access the network in the first place and how.

It should encompass permanent employees and outworkers, while also spelling out what assets they can evaluate, define acceptable asset use, and define reporting instruments for events. Written policies should also comprise an incident response plan, including any measures to restore critical production systems following a security event.

Physical security is key

Some of the most severe harm comes from within, when entry is gained from the factory floor. Whether it’s foiling inventory lift, data loss or intellectual property theft, businesses can take advantage of a wide-ranging physical security solution combined with a safe wired and wireless industrial network.

Defend assets with physical access limits like locks, key cards, and video surveillance. Where hands-on, you can also add device verification and authorization, plus encryption.

Take a rounded approach

The chances of a breach increase with a rise in more connections in your manufacturing setting. Your network cannot be secured by any single technology, product, or technique. Defending important manufacturing assets needs a rounded approach that uses numerous layers of protection to address different types of threats.

A rudimentary mapping exercise will help you get started, providing a catalogue of all the devices and software on your network. Remember, ‘air gap’ approaches are imperfect – just because a robot or device isn’t linked to the network doesn’t mean it’s totally safe. One corrupt or malicious thumb drive will put a remote machine at risk of unintended downtime or worse, safety events.

Isolate your sub-systems

To establish zones and design schemas to segment and segregate your sub-systems, it’s important to use industry best practices. On the network boundary, firewalls and intrusion detection will help you foil threats, while within the network, using out-of-band deep packet inspection (DPI) in your routers, switches, and other network devices can help you detect viruses, spam, and other intrusions.

Stop attackers in their tracks

An important segment of any company’s network architecture spans the internet edge, where the business network meets the public internet. Internet edge is the doorway to cyberspace, and serves numerous roles for the characteristic enterprise network. As network users stretch out to websites and use email for corporate communication, you need to keep your business resources both reachable and protected.

Takeaway

In time, manufacturers who rise to the challenge of digitization by enforcing the next generation of security defenses built for the age of the IIoT will gain competitive edge in the process. By thinking holistically and integrating multiple layers of protection, you can defend intellectual property and physical assets from accidental breaches and cyber theft, while accelerating threat resolution, decreasing downtime, and driving productivity gains across your services.