Controlling Virtual Traffic
With secure remote access, you can manage the policy and procedures, control who has access to what, ensure secure communications, and conduct audits and traceability of service.
One way to restrict access is to enact a specific firewall rule configuration that only allows outbound, not inbound, traffic from your site. That inbound traffic is restricted to specific IP addresses with authentication requirements, further limiting that access. By restricting the communications capabilities and managing access, you’re able to monitor, track and log all activity.
Not only does this give manufacturers the power to proactively control the virtual traffic on their plant floors, but it provides enormous value by providing timely issue resolution and reducing unplanned downtime. In manufacturing, time is money – secure remote access can help protect your bottom line by helping you make modifications to the production environment more quickly, run more efficiently, and make better data-driven decisions.
People, Policy and Procedures
In order to make security a part of the workplace culture, manufacturers need to focus on three things: People, policy and procedures.
- People: This includes everyone who is involved in the use and management of secure remote access, including third-party security providers, OEMs and system integrators who have users with access, site staff and managers, and the corporate governance team. These teams are key to making policies and procedures work. And with the right education and training, they will help you create a culture of security in the workplace that will help decrease vulnerabilities and risk.
- Policy: The policy is where you start – this guiding principle defines how secure remote access will be managed. It should outline who needs access, to what, and why. It should address whether there’s one process or multiple, whether access is centralized or spread out, and whether this is active or passive management. Are there other policies that need to be taken into consideration when developing this one, such as the overall security profile? If you already have a policy for physical security, which might include badge access and rules about who is allowed where, how does that extend to or interconnect with the remote community? If you want to revise your current policy, review logging and traceability capabilities as well as audit results. And don’t forget to test your own system to look for holes and improvements.
- Procedures: This is where you explain what steps need to be followed to enact the policy. When documented and put into place, procedures provide great value as playbooks that anyone should be able to understand and follow. Procedures bring it full circle – ensuring that the people involved are properly communicated with, that consistency is maintained through any workforce turnover, and that a culture of security is part of the conversation.
Security and Network Solutions, Customized for Your Needs
Whether you’re starting from scratch and or looking to improve your current secure remote access policy and procedures, Rockwell Automation Security Services can help. We can help you proactively control and manage the access of OEMs, SIs and other partners. We can also provide solutions to help you deal with the industrial skills gap – whether that means maximizing the impact of your current staff by leveraging their skills remotely, or outsourcing a remote monitoring and administration capability to our team of engineers.
The bottom line for manufacturers is: if you don’t actively manage the remote access to your plant floor, you are exposing your assets to vulnerability risk. And every day, those risks just get more serious.