- By Honeywell Cybersecurity
- May 25, 2020
- Honeywell Inc.
By Honeywell Cybersecurity
Although a part of disaster planning and recovery in increasing resilience, industrial-grade secure remote access also represents a strategic investment that can help grow a company’s operational excellence and capabilities.
Jeff Zindel, Vice President and General Manager, Honeywell Connected Enterprise, Cybersecurity
A March 2020 Forrester report notes that provisioning employees with remote access technologies is a key continuity strategy at 88 percent of organizations surveyed, while Gartner recommends to “accelerate the development of a technology infrastructure that can support alternative types of working.” In the same timeframe, the US government’s Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory to critical infrastructure companies to prepare for remote work scenarios in light of the Covid-19 health pandemic. While some office personnel have the ability to work remotely, manufacturing and industrial operations must keep the lights on. This includes a reliance on highly specialized technicians to monitor, diagnose and regularly operate capital-intensive assets, whether turbines, pulp machinery or gas and water pumps. Such privileged
access is critical to keep operations running and requires a specialized approach. Fortunately, industrial software innovations have increased in pace and scale. More options exist today for how and where an industrial enterprise runs and services its operations remotely, together with updated security controls.
By designing and implementing robust digital operations, with the proper safeguards in place, industrial enterprises can manage through unplanned downtime and even increase efficiencies and performance. Specific to the needs of industrial operators, advanced secure remote access technologies go beyond the scope of traditional IT VPN requirements to enable a safer and more controlled approach to running and maintaining processes from a distance. Although a part of disaster planning and recovery in increasing resilience, industrial-grade secure remote access also represents a strategic investment that can help grow a company’s operational excellence and capabilities.
IT AND OT REMOTE ACCESS REQUIREMENTS ARE NOT THE SAME
A critical starting point in approaching remote operations is to recognize the major considerations unique to industrial environments that rely on operational technologies (OT). A common mistake at the business level is to assume that assets are not differentiated – yet an IT business PC is a far cry from an engineering workstation PC, let alone a station that is tied to multiple critical operational processes. These stations may control processes that impact furnace temperatures, flow settings, and other physical attributes. Any disregard for verified OS patches, critical infrastructure hardening per Center for Internet Security standards, or other customized configurations and systems can result in the loss of human life, irreversible environmental impact and other serious physical dangers. This is easier said than done, especially in times of crisis when top-down decisions can be made under pressure and amidst false or changing information. Before deploying any remote access solutions, it is essential to ensure careful review by operational leaders and specialists, including any OT technical provider partners.
In this OT context, remote connectivity may be best described as secure machine to- person communication and access, rather than person-to-person. IT solutions are not typically the safest option in machine-to-person remote access situations, focused more on protecting data alone than ensuring industrial process integrity. The technical requirements list to determine safe remote access for industrial operations may include specific items to protect uptime and process integrity, such as:
- Understanding of industrial-specific protocols, some of which may be greater than 20 years old or unique to a set of assets which are critical to operations.
- A vendor-agnostic solution to ensure mixed vintage and mixed provider assets can be managed.
- Governance controls for flexibility based on the site specifics, such as allowing the local plant manager to authorize or deny remote access requests or establish thresholds for the time duration of each remote access session.
- Ability to connect to a remote asset without requiring the endpoint asset to install any agents or local software. Such unverified agents can represent risk of disruption, not limited to freezing the asset, causing a reboot, or otherwise interfering with a process driven by that asset.
- Ability to terminate, record and playback remote sessions, including any actions taken by the operator to troubleshoot or maintain the system.
It is estimated that at least a 35% efficiency gain can be achieved through automation, and improvements in cybersecurity risk management can help mitigate an estimated $75M in cyber-attack damage. Automated discovery and inventory of operational assets alone can reduce labor costs by approximately $200,000 a year, depending on organization size, location and asset composition. In business continuity situations, the benefits of secure remote access technology become immeasurable because you are keeping operations running, even with limited staff or no local staff.
The uptime of facilities processing or producing goods and services is constantly impacted, whether by market, technical, human or other conditions that continually change. An essential component of a robust OT architecture is the ability to connect to operating assets, whether on site or remotely. This capability is especially useful to operating personnel, who bear the burden of actively managing assets day in and day out, yet who are frequently short-staffed and tasked with a wide range of work responsibilities. The same person accountable for cybersecurity may also be called on for updating standard operating procedures and for managing budget and staff planning, for example.
Use cases for industrial-grade secure remote access can include:
Staff on Medical Leave
In situations where it is difficult to allow staff to access a site, or one in which the usual supporting staff are not available due to situations such as medical leave, remote access provides an option for business continuity. Consider a refinery with operations in Argentina and on the Norwegian Continental Shelf: if local staffing is limited, secure remote access can allow technicians at Canadian headquarters to view and act on regional assets. Through the playback of these sessions, operational leaders at both sites can even refine their approaches. They may learn new ways of troubleshooting an asset based on the specific staffer’s expertise, or they may update policies to prevent a resolved issue at one site from occurring again elsewhere (e.g. a worker brought in a USB that carried malware). As staff situations change, the remote access solution can enable rotating shifts from multiple geographic locations, as well as from different organizations (e.g. a partner vendor or third-party specialist). New staff who are onboarding to backfill medical leave personnel can leverage the secure remote access recordings as real-world training and can do so while maintaining mandatory social distance. This access and management flexibility increases the ability to consistently staff operations despite personnel disruptions.
Exploitation of Connectivity
Cybersecurity is an on-going concern that affects remote operations as malicious actors leverage unmanaged or poorly monitored connection points. Secure remote access solutions that centralize and control activities at a granular level can help mitigate risk of this exploitation. Closely controlling and monitoring connections, together with logs and recorded sessions, can help with cybersecurity threat mitigation as well as compliance.
Particularly in times of crisis, hackers’ prey on panic and human emotions. They deploy social engineering efforts and other scams that trick employees into allowing access or otherwise breaking security policies. Policies established and enforced through a secure remote access solution can raise alerts and automate actions to rapidly act on discovered threats or attempts at exploitation. Establishing secure remote access can also positively influence network segmentation, and related privileged access rights assigned to specific personnel. Together with solutions such as threat monitoring, these safeguards can increase the OT network’s resilience both short term and long term.
A common use case for industrial grade secure remote access includes situations where operations have already been centralized across multiple sites, to improve cost efficiencies or offset the challenges of staffing offshore or isolated physical locations. In these cases, centralized solutions can help standardize how secure remote connections are managed across assets at any number of locations. Considering there could be dozens of technicians from multiple vendors maintaining a globally distributed OT environment on any given day, a centralized view into all connectivity helps tighten control and reduce inefficiencies. All requests are funneled through the same secure tunnel, including verification of the technician, session authorization by the local plant owner/operator, and logging of the recorded session for oversight and staff training purposes. Rather than allowing the risky conditions of disparate and ad hoc verification of important plant connectivity, operational leaders can unify and simplify oversight of remote connections. In the case of a pulp and paper company, as one example, more than 80 non-standard solutions were consolidated down to a single remote access solution for over 140 sites.
To learn more about Secure Remote Access, please contact Honeywell Cybersecurity Team by visiting www.becybersecure.com.
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe