Disruptive innovations come with risks. Think about the recent tragedy involving a self-driving car in Arizona. While this is an extreme example of what can happen when technology fails, it’s a reminder that safety must always be a priority.
The Industrial Internet of Things (IIoT) is no exception. Operational technologies (OT), such as plant-floor equipment and machinery, have traditionally lacked exposure to the type of attacks that IT systems face. But now more manufacturers are tying their IT and OT systems together as they adopt IIoT technologies.
We understand that companies have concerns about security when connecting their devices to the Internet. Fortunately, there are strategies manufacturers can implement to secure their IIoT investments.
1. IT and Operations Must Collaborate
The operational side typically doesn’t consider security requirements, so it may lack an organized security practice, notes Gartner contributor Susan Moore. However, a primary focus for IT is protecting information. This is why IT and operations need to collaborate early in the IIoT implementation process.
“IT and OT cultures are not incompatible, but they require executive guidance to realize initial alignment,” Moore writes.
2. Know What You Have
A simple, yet often overlooked safeguard is knowing exactly what IIoT devices you have in place and where they’re located.
“You can’t secure what you don’t know you have, so an effective IoT security strategy must begin with a comprehensive inventory of all networked assets,” according to an IndustryWeek article by contributors from Crowe Horwath LLP. “In addition to known and authorized devices, the inventory also must capture unauthorized or previously unmanaged devices, such as security cameras, monitors, machine sensors and other devices that have been plugged into the company’s network by employees or vendors without the IT department’s knowledge or participation.”
3. Opt for Multi-Layered Security
Make sure your IIoT network doesn’t rely on a single technology for security. For example, Google Cloud offers security at the device and network levels as well as security for apps running on the network, data storage, and hardware. With Oden’s IIoT solution, all data sent over the network is encrypted and transmitted over a secure VPN connection.
4. Stay Up-to-Date
Don’t ignore updates or patches.
“If a device is running out-of-date software, it may contain unpatched security vulnerabilities. Such vulnerabilities may allow exploitation of the device and its data by attackers,” notes the IoT Security Foundation.
This includes updated an IoT device’s firmware to the latest version, “which incorporates all current bug fixes, vulnerability fixes, and mitigating or compensating controls,” according to Crowe Horwath.”
5. Assess and Test
Continuously assess your security. This includes risk-based analyses with business impact statements, Crowe Horwath suggests. This will allow you “to prioritize projects and make the most of limited resources.”
Security issues related to IIoT are rare. Taking a few precautions can ensure IIoT technologies remain safe. Don’t hesitate to consult with IIoT experts to determine how you can safeguard your system while reaping the benefits of a smart, connected enterprise.
