Operational technology (OT) Remote access allows users to access the hardware and software that controls industrial equipment without being on-premises. Whether they’re working from home or at another location within the company, remote access enables employees to adjust processes, update software, troubleshoot problems or perform other tasks necessary to maintaining business operations.
When defined in broad strokes, it’s a simple concept. But in practice, it is a complex undertaking that introduces risks to the enterprise via OT systems—many of which lack cybersecurity protections—operating in convergence with IT systems and Industrial Internet of Things (IIoT) devices. In today’s threat environment, remote access is (or should be) inseparable from secure remote access.
Why OT Remote Access is Important
Interoperability is a strong and growing trend in industrial and manufacturing enterprises, as companies reap the benefits of greater efficiency and streamlined control of their operations by connecting Industrial Control Systems (ICS) and other OT with IT systems. Companies gain greater visibility into their processes, which leads to better decision-making. It allows employees at a central location to control operations at multiple, far-flung sites. And it allows employees to work from home or from another location, which became a necessity in some cases during the COVID-19 pandemic and is also seen as an attractive feature to offer prospective employees.
Remote access, however, comes with risks for any enterprise, and those risks are compounded when dealing with OT systems, connecting via control system protocols using IP-based Human Machine Interface (HMI) systems and Ethernet manifestations such as MODBUS/TCP.
Many OT systems lack even basic protections. Software patches are applied infrequently, if at all, and more than half of industrial sites use old operating systems, such as Windows XP, that are no longer supported, and so are not patchable by default. Meanwhile, other cybersecurity protections such as protocol isolation, the use of strong encryption and multi-factor authentication, and network and user access monitoring are often overlooked.
In today’s cyber threat landscape, that puts industrial enterprises at significant risk. Amid the escalation of ransomware and other attacks, industrial concerns, including those dealing with critical infrastructure, have become more common targets. Attacks such as those on the Colonial Pipeline and meat-packer JBS demonstrated the impact those attacks can have. Other dangerous attacks in recent years, such as Stuxnet, CrashOverride and TRISIS, targeted Supervisory Control and Data Acquisition (SCADA) systems within industrial controls.
Attacks on critical infrastructure—including the energy, oil and gas, manufacturing, transportation, healthcare and government sectors—can have an effect beyond financial losses, stolen intellectual property or damage to reputations. They also can put lives at risk. Those attacks underscore the importance of securing remote access to OT systems, especially as attackers shift their focus from delivering malware to compromising credentials in order to gain access.
Many of the access controls that are in place in OT systems, such as virtual private networks (VPNs), can date back 20 years, and were designed for access to critical systems. They don’t isolate protocols or systems, which the network exposes if credentials are compromised. Remote access to OT can be achieved using protocols such as Remote Desktop Protocol (RDP) and Secure Shell (SSH), but they don’t provide a very fine-grained level of control.
Best Practices for Securing OT Remote Access
Although OT systems are interconnected with IT systems, they operate differently, often using different protocols. For example, OT systems use a wide variety of protocols—some of them specific to the piece of equipment or its function—which can be vulnerable via open ports that don’t have access and protocol controls. They also may lack encryption protections.
Remote access to OT systems would be best served by a more straightforward, more flexible access method that also provides a level of security commensurate with both the integrated, dispersed IT environment and the current threat landscape. The most viable access strategy is one based on Zero Trust.
A Zero Trust approach focuses on continually authenticating and authorizing identities on the network in order to control and track any interaction between users and data, systems and applications. Those elements are segregated within a trust framework, with access controlled via strong multi-factor authentication (MFA), and an authorization process that includes user role, time and location-based controls. Continually monitoring activity also allows enterprises to be resilient in responding to attacks and mitigating damage.
Along with MFA, a Zero Trust strategy will follow the principle of least privilege, granting users and other network identities only the minimum access privileges they need for a specific task. Privileges can also be time-based, granting access for a set amount of time to complete the task.
With regard to OT systems, least-privilege principles can take the form of role-based access control (RBAC) and time-based access control (TBAC). Users can be granted access to operate an HMI or patch an asset, for instance. TBAC can establish fixed hours or days within which other stakeholders, such as vendors or business partners, can access systems.
Adopting Zero Trust and Protocol Isolation for Secure OT Remote Access
Another technique common in Zero Trust architectures is network segmentation, which divides the network into isolated, compartmentalized subnets through the use of firewalls, Virtual LANs and software-defined networking (SDN). A precept of Zero Trust is that it’s not all about preventing intrusions—organizations must assume that a network has been breached. A segmented approach can prevent unauthorized users from moving about the network.
Within OT systems, a segmented approach can be aided by protocol isolation, which limits the use of certain protocols to specific locations, preventing the flow of traffic across the network, and by similarly isolating OT assets.
Organizations also can gain visibility and control by employing moderated asset access control, which requires vendors to check in before accessing their critical assets and moderates their visit. A moderated approach also can be applied to file transfers, requiring approval before files are moved to or from a vendor location, and also logging all of those activities.
By employing a smart combination of cybersecurity technologies and techniques, even the most complex OT networks, including those that are integrated with IT systems, can be protected from the dangers of both modern threats and malicious users.
The Modern Approach to Operational Technology (OT) Remote Access
XONA provides a frictionless and secure solution for operational technology remote access. Its proprietary protocol isolation and Zero Trust architecture immediately eliminate common attack vectors, while giving authorized users seamless and secure control of operational technology from any location or device. XONA enables organizations to have control of who, what, where, when and how users and data move in and out of any critical system with granular role-based access control, multi-factor authentication, moderated access, user session analytics, and full system logging/monitoring with easy output to SEIMs or Log Viewers.
XONA is the single, secure portal that connects the cyber-physical world and enables critical operations to happen from anywhere with total confidence and trust.
Learn More
- The Ideal Simple and Secure Connection Solution for OT Remote Access
- Taking an IT-Focused Approach to Securing OT Remote Operations at Municipal Utilities May Be Risking Lives
- How Remote Operations Capacity Improves Organizational Efficiency
- MFA Key Registration with XONA
- XONA Provides Secure and Compliant Operations via Mobile Device for Porto de Sergipe Power Plant