Cyber-vulnerability in manufacturing threatens data loss, theft of intellectual property and severe damage to a business’ trading reputation. Without doubt, the increase of connected devices on the average factory floor has expanded the risk, but in an age where smart production cannot be avoided, how can manufacturers connect their facilities, while remaining protected?
Security by design
When choosing a vendor for industrial software, most manufacturers will enquire about the product’s security features. However, further investigation should be taken to ensure these features can protect against all threats, both today and in the future.
Cyber security features cannot be static. Before selecting a product, manufacturers should ensure the software will provide ongoing security updates during the entire lifespan of the software. Otherwise, the system may be unable to protect against new, emerging or unfamiliar threats.
Asking this in advance can also protect manufacturers against unexpected invoices, as some products may have unplanned additional costs for upgrades or patches. In fact, manufacturers should be wary of any supplier that will only provide adequate security protection as an additional feature — this should be provided as standard.
Secure cloud hosting
Cloud storage has long been hailed the solution for storing the huge volumes of data that smart factories generate. However, cloud-sceptics often argue that storing data offsite can leave it vulnerable to unauthorised access.
Storing industrial data in the cloud can provide manufacturers with plenty of opportunities —the creation of company-wide dashboards and identifying production key performance indicators (KPIs) are just two examples. However, before reaping the rewards of the cloud, it is important to ensure that the software vendor uses a secure host.
Believe it or not, some manufacturers using cloud-based platforms do not know where their data is being stored. Before selecting a vendor, manufacturers should ask who the host is and what security measures the platform provides. This is also the time for manufacturers to perform their own research on the history and reputation of the host, and identify any certifications they might have to bolster their claims of security.
Microsoft, for example, has invested heavily in the security of its cloud platform, and has achieved ISO 27001 certification as a result. This is the international standard for best practice of an information security management system (ISMS). Opting for hosts with certifications like these can provide manufacturers with third party assurance, and ultimately, it proves that the host takes cyber security seriously.