identity management

With the number of entry points to networks increasing as a result of connected technology (cloud, IIoT, etc.), access and identity management has never been so difficult. Yet industry remains behind the times in this area. Which specific features of industrial systems explain these shortcomings, and what concrete measures can provide security solutions? Your questions answered.

Ensuring secure access in industry: the obstacles

Various factors make access control in the industrial sector so difficult:

  • A plethora of stations and actors with different statuses: Controller stations are numerous and are used by rotating personnel (permanent and temporary staff, subcontractors). These stations must be easily accessible by many people at all times. For simplicity, passwords, if they exist, are generally easy to memorize and are thus ineffective.
  • No centralized directory: Each station or even application requires a specific password. For practical reasons, it is complicated to have different passwords for each user.
  • Need for speed to guarantee functional safety: Some industries need to quickly access their systems in the event of an alert or accident. Any obstacle or delay in authentication increases system access time and therefore risks. That is why passwords are often short and simple and sometimes nonexistent.
  • Purely material restrictions: Technicians and operators tend to work with gloves on or in environments prone to dirt. Entering a password on a keyboard is just not the best solution!

The importance of secure access

A cyberattack can have serious consequences for infrastructures controlled by sensitive industries: it may halt the production chain or pose a physical threat to the security of installations and people.

Solutions for ensuring secure access to industrial networks

To improve access and identity security, measures specifically adapted to industrial networks need to be applied. Let’s take the following access control systems for example:

  • Entry passes and RFID chips to manage access rights to a session.
  • Windows Active Directory (AD): This solution is better suited to large companies than to small sites and workshops because its maintenance and upkeep require specific skills.
  • Biometric devices: not to be used if employee turnover is high.

Doors... and cameras!

Sensitive systems can also be protected by controlling physical access to the site where engineering consoles are located. If physical protection is not possible, think about setting up a video surveillance system and/or an advanced network anomaly detection system.

With the digital transformation of industries, access and identity management is a fundamental pillar for guaranteeing the security of your digital ecosystems. Although solutions exist to restrict computer access, we must not overlook the poor computer hygiene habits of some users or the use of corrupted devices such as USB flash drives which can also be vectors of insecurity.