"Can your iPhone bring down a plant?" There's an app for that! :)
Seriously, the three-level approach is the way to go, but many IT groups are not staffed for that. I also feel that many IT groups simply refused to consider dealing with BYOD, and so were caught flat-footed when they got run over by the 21st century.
Many corporations that allow employees to use their own mobile devices at work implement a BYOD security policy. BYOD security can be addressed by having IT provide detailed security requirements for each type of personal device that is used in the workplace and connected to the corporate network.
IT may require devices to be configured with passwords, prohibit specific types of applications from being installed on the device or require all data on the device to be encrypted. Other BYOD security policy initiatives may include limiting activities that employees are allowed to perform on these devices at work like email usage is limited to corporate email accounts only.
Most of the smartphones users connect to public Wi-Fi. If users connect their phones, containing company information, to an unsecured Wi-Fi network then a real security issue is created. If the same smartphone is connected back to the corporate network over a public Wi-Fi network, it could put the entire company network at risk. Users should be required to connect to the company network via an SSL VPN, so that the data traveling between the phone and the company network will be encrypted in transit and can't be read if it's intercepted.
Some smart phones OS bypass security mechanisms for user's convinenece. This makes it a lot easier and less frustrating for smart phones to connect to any plant's devices, but it also defeats the purpose of those security measures.
Web browsers on smartphones have gotten a lot better, but the web is a major source of malicious code. With a small screen of smartphones, it's more difficult for users to detect that a site is a phishing site. The malware can then be transferred onto the network from the phone.
What a great article. This really points out the serious security threats posed by the plant's connection to the ERP system. Recently, we've heard a lot about theft of corporate intellectual property in big companies. But stuffing documents in a brief case will soon be passe. This is much scarier.
Good point, TJ. But I do remember that when I asked what was the greatest threat to plant security systems, time after time, I heard, "A disgruntled former employee. One threat I heard less frequently -- but seems to me a bigger threat -- is the inadvertent attack from a malware bug that enters the system when an employee loads some music onto a workstation.
Rob, proper security would end her access upon her termination of employment. But that problem isn't limited to remote access. A disgruntled IT employee can cause far more damage from within than without. That is a completely different problem.
Truchard will be presented the award at the 2014 Golden Mousetrap Awards ceremony during the co-located events Pacific Design & Manufacturing, MD&M West, WestPack, PLASTEC West, Electronics West, ATX West, and AeroCon.
In a bid to boost the viability of lithium-based electric car batteries, a team at Lawrence Berkeley National Laboratory has developed a chemistry that could possibly double an EV’s driving range while cutting its battery cost in half.
For industrial control applications, or even a simple assembly line, that machine can go almost 24/7 without a break. But what happens when the task is a little more complex? That’s where the “smart” machine would come in. The smart machine is one that has some simple (or complex in some cases) processing capability to be able to adapt to changing conditions. Such machines are suited for a host of applications, including automotive, aerospace, defense, medical, computers and electronics, telecommunications, consumer goods, and so on. This discussion will examine what’s possible with smart machines, and what tradeoffs need to be made to implement such a solution.