COVID-19 forced organizations all over the world to transition their employees to a work-from-home policy. That change came at a time when organizations’ connected infrastructure is more complex than ever. Such complexity doesn’t just extend across IT environments, either. Indeed, machines and production processes are also becoming increasingly complex as organizations with OT environments seek to address the challenges of the 21st century. The meeting of these two developments creates a central question: how do organizations with OT environments ensure secure remote access? To answer that question, we need to first understand why remote access is necessary for OT environments. From there, we will discuss how organizations can facilitate secure remote access to their OT environments. Finally, we’ll identify some risks that complicate this process before revealing how a new partnership involving Tripwire can help to address those challenges.
Why Remote Access Is Necessary for OT Environments
Remote access to OT environments boils down to productivity. Administrators are under increasing pressure to provide access to individuals who can’t access OT assets physically. Remote access is especially concerning for the nearly half of the Fortune 2000 organizations that consider OT networks to be critical components to their business, as reported by Security Week. On a more granular level, organizations have several reasons for enabling remote access to their OT environments. Software Toolbox identified three such factors:
- Empowering decision-makers with data access and visibility: Decision-makers need access to and visibility over data if they are to safeguard the organization’s interests. They need timely information to make the right decisions.
- Centralizing access across geographically distributed systems: Many organizations that own or operate OT environments have assets that are scattered across different countries and continents. This makes it difficult for people like remote workers to monitor those devices all at once. Remote access solves this problem by enabling an authenticated user to access those systems from anywhere in the world. Alternatively, organizations can centralize these access sessions within a single operations center.
- Streamlining work with third parties: Organizations that own or operate OT environments need to be able to work with their third-party vendors, contractors and suppliers. This can be difficult depending on the scope of the supply chain. As a result, organizations could use remote access to share key important data with third parties rather than grant them full access to their entire environments.
- Facilitating the implementation of updates: Per Security Week, many industrial control systems come with a contract through which equipment manufacturers are responsible for providing remote maintenance. It’s therefore critical that organizations ensure there’s remote access available to these device manufacturers. Otherwise, they could risk those OT assets not receiving an important update or fix when it’s misbehaving, for example.
How to Ensure Secure Remote Access to Your OT Environment
Organizations can lay the groundwork for secret remote access by not enabling remote access by default. This means that organizations need to view remote access as the exception, not the rule, for specific OT technologies that warrant such connectivity. To make that access as secure as possible, organizations should get members from the OT security, IT security and engineering teams as well as vendors and maintenance support professionals to work together in supporting secure remote access. In that collaborative environment, those working to ensure secure remote access should consider leveraging guidance such as NIST SP 800-82 and NERC-CIP. Such standards can help team members designate which systems need remote, which means of multi-factor authentication can be implemented to protect that access and how they can log those remote access sessions. The issue is that it’s difficult to do all of that manually. That’s why Tripwire is partnering with ProSoft to resell ProSoft Secure Remote Access (SRA) solutions. Built using a container and microservices architecture, ProSoft is a cloud-native, easy-to-use platform that talks directly with automation devices without complicated setups. This enables ProSoft Connect to set up two types of remote connections: on-demand Secure Remote Access (SRA) that’s for a specific purpose and an always-on Persistent Data Network (PDN) option. Additionally, ProSoft uses a multilayered approach consisting of Single Sign-On (SSO), multi-factor authentication (MFA) and other security controls to help customers manage multiple clients and users at once.
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.