KNOWING AND CATEGORIZING VULNERABILITIES INDUSTRIAL ENVIRONMENT
Knowing the processes or disciplines necessary to identify the intentional actions that can trigger a failure in the security of an environment is a first step to design a more secure and robust infrastructure that helps to ensure the availability of critical systems.
WHAT IS THE RELATIONSHIP BETWEEN THREATS AND VULNERABILITIES?
Threats can be caused by the system itself or by human interaction. Many organizations have limited knowledge about the origin and object of a threat, since traditional perception is often linked to a mechanical impact and not to the logic of the process. A vulnerability is a failure in the process or in the system from which a threat is exploited in order to compromise it. The more vulnerable a system is, the greater the risk we face.
HOW TO CATEGORIZE, UNDERSTAND AND MANAGE VULNERABILITIES?
From the point of view of risk management, it is possible to divide vulnerabilities into 4 types:
- Management vulnerabilities.
- Operational vulnerabilities.
- Functional vulnerabilities.
- Technical vulnerabilities.
THE SECURITY OF PROCESS CONTROL SYSTEMS
Due to the existing threats, cybersecurity has become a priority for control environments. Originally, process control systems were created as separate and isolated systems, therefore, security did not have the weight it has today. With the standardization of the Internet and the use of IP protocols, the design has changed to the point where, in many cases, the control network has become a protected extension of the corporate network, being potentially accessible from the Internet and vulnerable To the risks that this entails, forcing us to adopt a strategy that will help us create a safe environment to reduce the existing threats.
UNDERSTAND THE RISK OF BUSINESS. PRINCIPLES OF GOOD PRACTICES
Only with a good understanding of the risk posed by threats, vulnerabilities, and business impact can an organization make decisions with the appropriate levels of security necessary to improve work practices. Processes must be subject to continuous evaluation to adapt to constant change.
Through virtualization services, we help you develop a strategy that meets the needs of the control environment and simplify the infrastructure of servers and data centers with industry-leading VMware technology. We offer counseling, training, implementation and support services.
Virtualization will enable you to reduce your hardware needs by a 10: 1 ratio. Less hardware means that hardware and operating costs can be reduced by up to 50% and energy costs by as much as 80%. In addition to consolidating servers and using less hardware, virtualization enables you to extend the server lifecycle, accelerate provisioning time by 50-70%, and get centralized, automated management.
Virtualizing servers, desktops and applications ensures data protection, providing high availability and achieving disaster recovery goals. Through high availability with active migration and fault tolerance capabilities for virtual machines, fast and reliable disaster recovery is achieved without the cost of duplicating the data center infrastructure or the complexity of manual recovery.
- OPEN ARCHITECTURE
To ensure the security of the control network and to be able to evaluate the risk, a follow-up must be carried out to identify and mitigate vulnerabilities that allow an attacker to alter or take control of the system. When a secure architecture is implemented, it tends to focus effort on the technological elements. Although important, the technology itself is insufficient to provide robust protection. It is not enough to install and configure a firewall if the peculiarities of the process control environment are not taken into account.
Although control systems are based on IT standards, their operating environment differs significantly. Solutions to ensure safety in
Computer environments are often not appropriate for the control environment. While some standard security tools and techniques can be used to
Protecting process control systems, careful adaptation may be required for their integration.
As an example, it may not be possible to install an antivirus in the control systems due to the lack of processor power, the age of the operating system or the certification of the supplier.
For the control environment, the order of the security objective is inverse to that of the computer environment, since the availability of the systems is positioned as the most important factor. In a control environment, the term security usually refers to reliability and high availability.
- Availability is the ability of a system to ensure continuity in its operation in any situation:
- Users must have, most of the time, the ability to access the architecture to launch jobs, perform configuration and maintenance tasks, collect results, among others
- This system capacity is usually quantified with the percentage of time that has been available to users (> 99.9%).
PROTECT, DETECT, ACT
A vulnerability assessment identifies and reports a security breach for further analysis. The main purpose of a security test is to duplicate the actions of an attacker to find the weaknesses of the network that could allow access to the control environment through the Internet or the corporate network itself. There are several tools and techniques used by attackers to identify vulnerabilities.
- Protect: Implement appropriate security and protection measures to prevent electronic attacks.
- Detect: Establish mechanisms for the rapid identification of electronic attacks.
- Act: apply the appropriate prevention measures to solve security incidents. The success of any safety procedure depends on the human factor. Employees are the most important resource and the greatest security threat. Process control systems personnel are often not familiar with IT security and IT security personnel are often not familiar with control systems or their operating environment. This situation can be improved by increasing general understanding through training programs.
RemoteApp provides an application as if it were installed locally regardless of the server on which it is installed, providing load balancing to support a larger number of sessions.
- Fully transparent application access to end users
- Dismiss Terminal Services sessions to access applications remotely
- Maintenance of the application from a single location
- Scalability of resources
- Access from anywhere