Moving towards secure remote access
Published: 13 September, 2018
Jonathan Wilkins, marketing director of obsolete industrial parts supplier EU Automation, discusses secure remote access and the challenges it presents.
Whether you’re working from home, picking up e-mails on the go or away on business, it’s usually possible to remotely access you company’s network. Though easy to implement in many enterprises, complexity and security present hefty barriers to many industrial businesses.
Industry 4.0 provides an opportunity for manufacturers to obtain detailed insights on production. Based on data from connected devices, plant managers can spot inefficiencies, reduce costs and minimise downtime. To do this effectively, it is useful to be able to access data and information remotely. However, this can present challenges in keeping operations secure.
Secure remote access is defined as the ability of an organisation’s users to access its non-public computing resources from locations other than the organisation’s facilities. It offers many benefits such as enabling the monitoring of multiple plants without travel or even staffing being necessary. As well as monitoring, maintenance or troubleshooting is possible from afar. According to data collected from experienced support engineers, an estimated 60 to 70% of machine problems require a simple fix, such a software upgrade or minor parameter changes – which can be done remotely.
Remote access reduces the cost and time needed for maintenance and troubleshooting and can reduce downtime. For example, by using predictive analytics, component failures can be predicted in advance and a replacement part ordered from a reliable supplier. This streamlines the process for the maintenance technician, flagging an error instantly, even if they are not on site.
The challenges of remote access
There are still significant challenges to remote access of industrial control systems, including security, connectivity and complexity. Traditional remote-access includes virtual private networking (VPN) and remote desktop connection (RDC). These technologies are complex, expensive and lack the flexibility and intelligence manufacturers require.
Additional complexity added by traditional technologies can increase security vulnerabilities. Industrial control systems were not typically designed to be connected, and using a VPN connects the system to the IT network, increasing the attack surface. It also means if a hacker can access one point of the system, it can access it all. This was the case in attacks on the Ukrainian power grid and the US chain, Target.
To overcome these issues, manufacturers require a secure, flexible and scalable approach to managing machines remotely. One option that can achieve this is cloud-based access, which uses a remote gateway, a cloud server and a client software to flexibly access equipment from a remote location. In this way, legacy equipment can be connected to the cloud, so that it can be managed and analysed in real-time.
Most manufacturers find that the benefits of remote access can offer outweigh the investment and operational risks. To counteract them, businesses should put together a security approach to mitigate the additional risks remote access introduces. This often involves incorporating layers of security so that if one section is breached, the entire control system is not vulnerable.
When implementing remote access into an industrial control system, manufacturers must weigh up all available options. It’s crucial to ensure your system is as secure as possible to keep systems safe when accessed remotely, whether the user is working from home, on the go, or away on business.