HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Comments
View Comments: Newest First|Oldest First|Threaded View
<<  <  Page 6/7  >  >>
Zippy
User Rank
Platinum
Re: 3 levels to the plant
Zippy   7/1/2013 8:36:19 AM
NO RATINGS
"Can your iPhone bring down a plant?"  There's an app for that!    :)

 

Seriously, the three-level approach is the way to go, but many IT groups are not staffed for that.  I also feel that many IT groups simply refused to consider dealing with BYOD, and so were caught flat-footed when they got run over by the 21st century.

AnandY
User Rank
Gold
BYOD security policy
AnandY   7/1/2013 5:43:02 AM
NO RATINGS
Many corporations that allow employees to use their own mobile devices at work implement a BYOD security policy. BYOD security can be addressed by having IT provide detailed security requirements for each type of personal device that is used in the workplace and connected to the corporate network.

IT may require devices to be configured with passwords, prohibit specific types of applications from being installed on the device or require all data on the device to be encrypted. Other BYOD security policy initiatives may include limiting activities that employees are allowed to perform on these devices at work like email usage is limited to corporate email accounts only.

AnandY
User Rank
Gold
VPN
AnandY   7/1/2013 5:37:45 AM
NO RATINGS
Most of the smartphones users connect to public Wi-Fi. If users connect their phones, containing company information, to an unsecured Wi-Fi network then a real security issue is created. If the same smartphone is connected back to the corporate network over a public Wi-Fi network, it could put the entire company network at risk. Users should be required to connect to the company network via an SSL VPN, so that the data traveling between the phone and the company network will be encrypted in transit and can't be read if it's intercepted.

AnandY
User Rank
Gold
Security bypass
AnandY   7/1/2013 5:10:26 AM
NO RATINGS
Some smart phones OS bypass security mechanisms for user's convinenece. This makes it a lot easier and less frustrating for smart phones to connect to any plant's devices, but it also defeats the purpose of those security measures.

AnandY
User Rank
Gold
Web browsers
AnandY   7/1/2013 5:02:58 AM
NO RATINGS
Web browsers on smartphones have gotten a lot better, but the web is a major source of malicious code. With a small screen of smartphones, it's more difficult for users to detect that a site is a phishing site. The malware can then be transferred onto the network from the phone.

notarboca
User Rank
Gold
Standards
notarboca   6/30/2013 1:38:04 AM
NO RATINGS
"This topic has become very heightened. The Obama Administration has gotten involved and they're developing standards"

The last thing the industrial IT community needs is for the government to set standards.  They should do it for themselves.  Rue the day when governments try to tell people how to run their own IT shop.

Charles Murray
User Rank
Blogger
Re: 3 levels to the plant
Charles Murray   6/28/2013 6:01:14 PM
NO RATINGS
What a great article. This really points out the serious security threats posed by the plant's connection to the ERP system. Recently, we've heard a lot about theft of corporate intellectual property in big companies. But stuffing documents in a brief case will soon be passe. This is much scarier.

Rob Spiegel
User Rank
Blogger
Re: 3 levels to the plant
Rob Spiegel   6/28/2013 11:14:27 AM
NO RATINGS
Good point, TJ. But I do remember that when I asked what was the greatest threat to plant security systems, time after time, I heard, "A disgruntled former employee. One threat I heard less frequently -- but seems to me a bigger threat -- is the inadvertent attack from a malware bug that enters the system when an employee loads some music onto a workstation. 

TJ McDermott
User Rank
Blogger
Re: 3 levels to the plant
TJ McDermott   6/28/2013 10:54:39 AM
NO RATINGS
Rob, proper security would end her access upon her termination of employment.  But that problem isn't limited to remote access.  A disgruntled IT employee can cause far more damage from within than without.  That is a completely different problem.

Rob Spiegel
User Rank
Blogger
Re: 3 levels to the plant
Rob Spiegel   6/28/2013 10:41:04 AM
NO RATINGS
That remote acess sounds great, and it solved a problem in the moment -- but -- if she became a disgruntled employee, the plant would be at her mercy. 

<<  <  Page 6/7  >  >>


Partner Zone
Latest Analysis
During a teardown of the iPad Air and Microsoft Surface Pro 3 at the Medical Design & Manufacturing Show in Schaumburg, Ill., an engineer showed this "inflammatory" video about the dangers of maliciously mishandling lithium-ion batteries.
The Window Watcher stops the burglar before he does damage or enters the house. House alarm service companies set off alarms and call the service only after the burglar has damaged and entered the house.
If you’re designing a handheld device or industrial machine that will employ a user interface, then you’ll want to check out the upcoming Design News Continuing Education Center course, "Engineering Principles Behind Advanced User Interface Technologies.”
Brooke Williams of Texas Instruments explains how TI’s new TDA3x chip will help future vehicles “see” all around themselves.
It's been two years since the Mac Mini's last appearance on iFixit's teardown table, but a newly revised version joins Apple's lineup this week.
More:Blogs|News
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Next Class: 11/11-11/13 2:00 PM
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service