
How Logitek Implements Data Defense.

Data must be protected both when it is at rest and when it is in transit between devices within a network.

Defense-in-depth strategies apply different protection mechanisms at different levels of an ICS OT installation. If one layer of protection fails, inner layers remain to prevent the attack from materializing, which lowers the operational risk to industrial assets.

The innermost protection layer in this type of strategy is data defense. Historically, protecting ICS OT data has not been given much importance, because it is raw industrial process data with little confidentiality value. The integrity and availability of that data, however, matter much more.

Beyond process data, other types of information must also be considered, such as internal documentation, the programs and logic of the PLCs that execute the process, credentials, etc. These do carry relevance.

The data must be protected both when it is at rest (for example, files stored on some computer/server) and when it is in transit between devices within a network.

Data at rest

The protection mechanisms for data at rest are:

  • Use of strong encryption to make the data unreadable.
  • Use of access control and authorization mechanisms to restrict access to the data.
  • Have backups and/or version control.
  • Physical security of the facilities where the data is stored.


Data in transit

The protection mechanisms for data in transit are:

  • Use of encryption in communications, for example using secure industrial protocols such as OPC UA.
  • Use of network equipment able to prevent spoofing attacks and to ensure that communications, and the data they carry, pass only through the designated switch ports. This means mechanisms such as port security, IGMP, DHCP snooping, etc.
  • Physical security of the network to prevent physical intrusion on the communication links.

At Logitek, we offer solutions for implementing secure industrial networks, using technologies that allow highly robust and scalable topologies to be built. They also include protection mechanisms that provide network access control and prevent abuse of vulnerabilities in the Ethernet and IP protocols.

For the protection of data at rest, we offer software specialized in change control for PLC logic. It gives you a centralized repository holding the full set of automation programs and, in addition, lets you:

  • Secure your intellectual property by having flexible access control to the data repository.
  • Detect the changes made. Report who, when, from where and why a change has been made and identify the code modifications made.
  • Roll back quickly and easily to a previous version of the program after a problematic or unauthorized change.
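
The change detection and who/when/from where/why reporting listed above can be sketched as follows. This is an added example, not Logitek's software or code from the original page; the file names, user and workstation names are constructed, and hash-chaining the audit log so that edits to earlier records are detectable is an assumption added here.

```python
import hashlib
import json
import tempfile
from datetime import datetime, timezone
from pathlib import Path

def snapshot(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, current):
    """Classify differences between the approved baseline and the current state."""
    common = baseline.keys() & current.keys()
    return {"added": sorted(current.keys() - baseline.keys()),
            "removed": sorted(baseline.keys() - current.keys()),
            "modified": sorted(f for f in common if baseline[f] != current[f])}

def _digest(entry):
    """SHA-256 over the entry's canonical JSON, excluding its own hash field."""
    body = {k: v for k, v in entry.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def audit_entry(changes, who, source, reason, prev_hash="0" * 64, when=None):
    """Record who/when/from where/why, chained to the previous entry's hash."""
    entry = {"who": who, "from": source, "why": reason, "changes": changes,
             "when": when or datetime.now(timezone.utc).isoformat(), "prev": prev_hash}
    entry["hash"] = _digest(entry)
    return entry

def verify_chain(log):
    """True only if every entry's hash and back-link are intact."""
    prev = "0" * 64
    for entry in log:
        if entry["prev"] != prev or entry["hash"] != _digest(entry):
            return False
        prev = entry["hash"]
    return True

def demo():
    """Constructed sample: a fake PLC export edited after approval, plus a new file."""
    with tempfile.TemporaryDirectory() as d:
        src = Path(d, "line1_main.st")
        src.write_text("IF level > 80 THEN pump := FALSE; END_IF;")
        baseline = snapshot(d)  # approved state of the repository
        src.write_text("IF level > 95 THEN pump := FALSE; END_IF;")
        Path(d, "patch.st").write_text("(* unreviewed *)")
        changes = compare(baseline, snapshot(d))
    return changes, [audit_entry(changes, "jdoe", "ENG-WS-01", "setpoint tuning")]
```

Restoring a previous version then amounts to copying back the files whose digests match the approved baseline, which is why the baseline itself needs the same access control as the repository.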

For more information, do not hesitate to contact us.