While hackers have attacked some industrial sites, many security specialists say that employees may be more of a concern in many industrial facilities. It’s easy for a worker to unknowingly bring a virus into the site, and disgruntled employees are also a concern. Though security is a fairly new issue for many industrial managers, it’s one that can no longer be ignored.
“If someone is not making security part of their infrastructure, you have to wonder what they’re thinking,” says Carl Henning, deputy director at PI North America (us.profinet.com). “It’s definitely something everyone needs to be aware of.”
Equipment suppliers are doing more to help users build security into their architectures. Firewalls and other security equipment are widely available, and more products are emerging. Most observers say that multiple levels of defense must be employed to ensure that problems will be thwarted.
“You’ll be seeing more and more communication modules that encrypt data and create secure VPN tunnels,” says Gregory Wilcox, business development manager for networks at Rockwell Automation (www.rockwellautomation.com). “They’re one more element of a defense-in-depth approach.”
Physical security is another aspect of this layered approach to protection. Technologies like biometric door locks are effective, but many industrial sites don’t need that level of security.
Considering that internal threats are often the biggest threats most manufacturers will face, some inexpensive products can do a lot to reduce the chances of malicious attacks or unintended errors. One is to simply lock up the cables that link critical equipment to the network. That ensures that they won’t be disconnected intentionally or accidentally while also preventing someone from connecting to the network at that point.
>> Read Automation World's complete coverage: "Ethernet: It's All About the Availability".