As with Harry Potter, the best defense for your industrial systems against cyber enemies might be an invisibility cloak.
“If your site can’t be seen, it can’t be hacked,” says Xavier Mesrobian, vice president of sales and marketing for Skkynet Cloud Systems, a member of the Control System Integrators Association (CSIA). The company’s work on security was recognized in January when its Secure Cloud Service won the Battle of the Platforms for Best IoT Security Solution at the M2M Evolution Conference and Expo in Miami.
Although companies have been relying on virtual private networks (VPNs) to ensure the security of their information when connecting to the Internet, this approach has a fatal flaw, according to Mesrobian. It requires that a port through a company’s firewall always remains open to access and transmit data. This gives hackers the ability to steal authentication codes and passwords to access any device on a network. It was the method reportedly used by Chinese hackers recently in widespread attacks on U.S. government systems.
Skkynet says it has a better approach that it calls “secure by design,” a publish-and-subscribe system that pushes data past the firewall. It uses a different connection model called WebSocket that can be applied to industrial data communications in a way that allows only outbound connections from a plant to the cloud.
“No inbound connections are necessary; no plant firewall ports need to be left open,” Mesrobian says. “Once the connection is established, the data can flow in both directions. Or you can choose to make all or some of your data read-only, preventing any write back from the cloud.”
Mesrobian explains further, “A static IP address can always be made visible, but by using an approach that’s secure by design, it’s virtually impossible to break into a system. With no inbound ports, a company’s site can’t be seen by the Internet.”
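The outbound-only connection model described above, as an added example that is not Skkynet's code and not from the original article: newline-delimited JSON over a loopback TCP socket stands in for WebSocket frames, and the tag names, message fields and write allowlist are assumptions made for illustration.

```python
import json
import socket
import threading

WRITABLE = {"pump.setpoint"}  # constructed tag name; every other tag is read-only

def send(sock, obj):
    sock.sendall((json.dumps(obj) + "\n").encode())

def apply_write(tags, msg, rejected):
    """Plant-side check on a write-back from the cloud: allowlisted tags only."""
    if msg.get("op") == "write" and msg.get("tag") in WRITABLE:
        tags[msg["tag"]] = msg["value"]
    else:
        rejected.append(msg.get("tag"))

def cloud_service(listener, received):
    """Cloud side, the only listener: take one publish, then attempt two writes."""
    conn, _ = listener.accept()
    with conn, conn.makefile("r") as f:
        received.append(json.loads(f.readline()))
        send(conn, {"op": "write", "tag": "pump.setpoint", "value": 42})
        send(conn, {"op": "write", "tag": "boiler.temp", "value": 999})

def run_demo():
    tags = {"boiler.temp": 81.5, "pump.setpoint": 30}  # constructed plant data
    received, rejected = [], []
    listener = socket.create_server(("127.0.0.1", 0))  # stands in for the cloud
    cloud = threading.Thread(target=cloud_service, args=(listener, received))
    cloud.start()
    # Plant side: one outbound connect(); it never calls bind(), listen() or accept().
    with socket.create_connection(listener.getsockname()) as s, s.makefile("r") as f:
        send(s, {"op": "publish", "tag": "boiler.temp", "value": tags["boiler.temp"]})
        for line in f:  # write-backs arrive over the same outbound connection
            apply_write(tags, json.loads(line), rejected)
    cloud.join()
    listener.close()
    return tags, received, rejected

if __name__ == "__main__":
    print(run_demo())
```

The read-only rule is enforced by the plant-side agent, so it holds regardless of what the cloud endpoint sends back over the established connection.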
Security is one concern as industrial technology advances and more machines and devices are connected to the Internet.