Keep Remote Access Cyber Secure
EP Editorial Staff | July 29, 2020
Well-planned solutions that promote secure monitoring from outside the plant help ensure business continuity.
By Alexandre Peixoto, Emerson
It’s no longer enough to focus on maintaining performance and availability in normal times. Organizations must be prepared to meet the same standards of production when operating with limited staff or when needing to increase cost effectiveness during down markets. Just as challenging business conditions require a new approach to remote operations, they also require a new view of cybersecurity. Providing cybersecure remote operations shouldn’t be a stumbling block, it should be a production enabler.
As teams develop, deploy, improve, and maintain secure remote solutions for business continuity, they should keep in mind three critical elements that will deliver the best, most secure user experience: fast and secure access, strategically assigned security clearances, and fit-for-purpose interfaces.
To better prepare for unknown future events, many organizations are evaluating remote connectivity, either by reexamining systems that are already in place or implementing new ones. Modern operations are most effective with uninterrupted, high-quality production, which requires operators to always keep a finger on the pulse of the plant, no matter where they may be. Remote access to operations systems can no longer be an afterthought. To provide operators with the mobile functionality they need, while keeping protections in place, teams should constantly evaluate their preparedness for using secure remote-access solutions.
Prepare for speed
A well-developed plan is faster to execute in crisis. By regularly evaluating remote operations systems and building processes and procedures to support proper use, information technology (IT) and operational technology (OT) departments should collaborate to support business continuity. When IT and OT teams have time to work together to properly develop plans, the departments can reduce potential cybersecurity risks and better enable an operator’s ability to perform effectively.
OT and IT teams should develop and document policies and procedures surrounding which users can log into which devices, what connection strategies should be used, and which permissions will be provided to remote users. These policies and procedures should also consider what type of user experience will be provided, depending on where client devices are connected (local wireless infrastructure, working from home using virtual private networks), and how long connections can remain idle. A very important question to be answered beforehand is, should remote access remain active and available at all times? Collaboration between IT and OT helps create processes that answer such questions, providing value for operations and adequate security to protect the organization.
Training and collaboration
Even the simplest remote-management solutions have the potential to increase cybersecurity risk due to misuse. Operators will be better positioned to help maintain plant cybersecurity when strategies are clearly communicated through regularly scheduled, structured training designed to help them understand the role they play.
The best processes and regulations reinforce their effectiveness by being easy to use, but this doesn’t mean processes for secure remote access should be unrestrained. Users will be more apt to follow intuitive and efficient procedures, therefore supporting, instead of inhibiting, cybersecurity. If systems require multiple different logins each time, this increases the risk that operators will take shortcuts. Usernames and passwords might end up stored in a file on the computer or written on a sticky note.
A cumbersome login process creates two other potential problems. First, users will leave connections open for as long as possible to avoid having to jump through connection hoops again. Second, operators might avoid using the system altogether or use it sparingly, increasing the risk of an undetected event that interrupts production. Worse, users may pursue other paths to get their remote-access needs addressed either with redundant investment or with ad-hoc implementations.
Strategic remote use
With increased availability and use of remote access, organizations must monitor privilege creep. Personnel working from outside the plant typically don’t need the same access as when they are onsite.
Allowing personnel access only to what they need can help increase security and limit the risk to business continuity. An assessment helps determine the correct level of permissions for each user and ensures that the system allows access only to actions critical to their roles.
For most users, read-only access is usually enough for offsite process monitoring. This is why integrated remote-monitoring solutions, provided by automation-system suppliers, typically default to read-only privileges to provide higher security.
Certain users will need more clearance than read-only permissions. These users, however, still might not need the same access they have while in the plant. A well-planned remote-access strategy creates a confirmation system that allows the user to make changes offline that can only be confirmed and applied by a local user.
For example, control systems can be locked to prevent configuration changes without local system interaction. With this solution, a system change would always need to go through a two-step approach: a remote offline change that is not immediately downloaded followed by an unlock sequence and download. The unlock and download steps can only be performed by an in-plant person.
Regular assessments can help provide the tools teams need to configure, test, and train users to securely use systems inside and outside the plant, helping ensure that a change in processes or plant access doesn’t affect operations performance.
Secure, fit-for-purpose interfaces
Modern plant technologies enable business continuity through remote operations and built-in security features that more easily satisfy IT and OT needs and ease training requirements. Built-for-purpose technologies, such as integrated control and safety systems (ICSS), reduce the security footprint by only requiring a single set of layered protections. Organizations using an ICSS only need to learn, manage, and create access points through a single set of security controls.
Maintaining a single set of security technologies increases protection because it’s easier to keep all of the layers up to date. It’s also less costly to manage a single set of security controls, as it eliminates the need for cumbersome engineered links that allow control and safety systems to communicate.
In addition, many automation systems often have their own tools for out-of-the-box, secure remote connectivity to monitor operations. When these systems are in place and personnel use them on a day-to-day basis, the transition to secure remote access is seamless.
Updating a plant’s automation system is a good place to start improving the interface for remote operations. The newest versions of many control systems offer remote operation solutions through apps and services that simplify the connection process.
Providing remote monitoring applications that are fit-for-purpose, easy to use, and built into devices that operators already use makes it more likely that operators will monitor processes quickly, securely, and often. Most of these applications provide instant notifications, meaning personnel can be on alert 24/7, which results in them watching processes more closely—ready to respond the moment an alert or alarm indicates that something may require corrective action.
Modern remote operations solutions should feel like an intuitive extension of the system that personnel use in the plant. A combination of rigorous background security, a well-designed HMI, mobile apps, and regular training and practice can go a long way toward making remote operations productive and secure.
Building business continuity
Cybersecure remote solutions are neither set-and-forget nor one-size-fits-all. Taking time to routinely evaluate and optimize systems and train users on your remote-access solution will provide a foundation for success that will support the organization as you stand strong against potential disruptors.
Increasing business continuity with secure remote operations relies on understanding the way your users use automation systems and providing them with tools that streamline their tasks, making it easier for them to support cybersecurity efforts.
Remote operations are critical to maintaining business continuity. If those operations generate security risks, then the means don’t justify the end.
If the cybersecurity approach is part of the conversation as remote operations are developed, the resulting improvement to business continuity will be even greater, and the final solution will also deliver a wide variety of other safety and operability benefits—a win-win for the organization and its personnel. EP
Alexandre Peixoto is DeltaV Product Manager at Emerson, Austin, TX (emerson.com), with responsibility for cybersecurity and network products. He has more than 18 years of experience in the process-automation industry and has assisted several engineering companies and customers globally.