Vandals and saboteurs can do tremendous damage by changing a crucial set point or introducing a crippling virus.
Like the experts in physical security, experts in cybersecurity recommend layers. “The practical approach is to create about three to five layers in the network,” says Rashesh Mody, chief technology officer at Wonderware, a Lake Forest, Calif.-based unit of Invensys Systems Inc. The strategy is to control the passing of information between each layer, authenticating sources and checking permissions each time data are exchanged.
Tools for protecting the network and its various layers include firewalls, routers and switches that restrict access through ports, and Internet Protocol Security (IPsec), a set of protocols for securing the exchange of packets at the IP layer. Mody urges users not to rely solely on software for encryption work. Rather, he recommends offloading some of it onto circuit boards that cost only about $150. “Encryption and decryption take time and require bandwidth,” he says. “Transferring it to hardware frees your main CPU [central processing unit].”
An important layer in any cybersecurity scheme is the data itself. Most modern information management systems let managers assign security to corporate data to control selected pieces of it, much as they would money and inventory. Users then would be able to access and modify only the data that they have permission to see and handle. Management can tighten security by requiring a user to enter his or her password before gaining access to data. An even higher level would require verification or countersignature of a boss or other person in authority.
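The three escalating levels described above (permission only, password re-entry, countersignature by a person in authority) can be sketched as a single authorization check. This is an added example, not code from the article or from any product it names; the tier constants, the `User` class, the `authorize_change` function and the sample users and tag are all hypothetical.

```python
import hashlib, hmac, os
from dataclasses import dataclass, field

# Hypothetical sensitivity tiers matching the three levels in the text.
PERMISSION, PASSWORD, COUNTERSIGN = 1, 2, 3

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class User:
    name: str
    password: str                                   # hashed in __post_init__, then cleared
    can_write: set = field(default_factory=set)     # data items the user may modify
    can_approve: set = field(default_factory=set)   # data items the user may countersign

    def __post_init__(self):
        self.salt = os.urandom(16)
        self.digest = _hash(self.password, self.salt)
        self.password = ""                          # keep only the salted hash

    def verify(self, password: str) -> bool:
        # Constant-time comparison of the stored and candidate hashes.
        return hmac.compare_digest(self.digest, _hash(password, self.salt))

def authorize_change(tag, tier, user, password=None,
                     approver=None, approver_password=None):
    """Return (allowed, reason) for a write to data item `tag`."""
    if tag not in user.can_write:
        return False, "no permission"
    if tier >= PASSWORD and not (password and user.verify(password)):
        return False, "password required"
    if tier >= COUNTERSIGN:
        # The countersigner must be a different person with authority over the item.
        if approver is None or approver is user:
            return False, "countersignature required"
        if tag not in approver.can_approve:
            return False, "approver not authorized"
        if not (approver_password and approver.verify(approver_password)):
            return False, "approver password required"
    return True, "ok"

# Constructed sample users and data item.
operator = User("operator", "op-pass", can_write={"reactor.setpoint"})
supervisor = User("supervisor", "sup-pass", can_write={"reactor.setpoint"},
                  can_approve={"reactor.setpoint"})
```

Each higher tier includes the checks of the tiers below it, so a countersigned change still requires the requesting user's own permission and password.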
Besides the layered approach, Mody adds three other elements for securing networks. The first element is having a team and working procedure for dealing with a virus or other problems. “You don’t want to wonder what to do at the last second,” he says. “Create a team, educate its members, and write down working procedures for responding to sudden problems. If a new virus shows up, what do you do? Shut down? Disconnect from network? Debug it? Run anti-virus software?”
The second element for security is instilling and enforcing best practices, such as not browsing the Web, prohibiting blank passwords, changing passwords periodically, installing antivirus software on each PC, and having the information technology department check each laptop brought into the facility. The third and last element is to review the procedures every six months or so.
See the main story that goes with this sidebar: Protecting the plant Automation keeps intruders out