Tools

• 1
• 2
• 3
• 4
• 5

Current Rating: 0.0
(0 votes)

Click on a star to rate this article.

Print page

Email page

How to improve network security

Industrial Networking, ControlGlobal.com

Keywords: network security, secure control systems and industrial networking

There's no such thing as a 100% secure control system, but learning and understanding the risks associated with security standards, and how to mitigate them are a start. Check out this to-do list.

• Understand that there’s no such thing as a 100% secure system, unless it’s buried in a vault, still in the box, unplugged, and unconfigured.
• Educate operators to look for operational anomalies. These are usually the first indication that something is wrong.
• Learn and understand the risks associated with security standard you’ve implemented, and how to mitigate them.
• Get control system engineers and IT synchronized, and working in the same department.
• Create polices and procedures that include an organizational tree, which describes mitigation and alert vectors to be used if a breach or threat is found.
• Schedule risk analyses on an ongoing basis.
• Incorporate change control into the above procedures.
• Know who to contact and what to do in case of a breach or attack.
• Create a single-point failure matrix.
• Follow current industry guidance and Microsoft domain isolation guidance, which presently has a patch that to allow a mostly one-button setup in XP-2K3 systems, and will be included as a one-button setup in a Longhorn/Vista domain.
• During critical junctures of possible attacks or potential threats, pulling the plug on the outside world can be effective if the control system can be reduced to a single point of access.