Pioneering Zero Trust for Cyber-Physical Systems (CPS) Protection with a unified xDome Platform that includes Secure Access alongside our other core CPS cybersecurity controls.
Cyber-Physical Systems (CPS) form the foundation of many critical infrastructure sectors, including manufacturing, healthcare, and more. In these critical sectors, the push for increased productivity and cost reduction has amplified the demand for seamless access to CPS systems — a trend propelled by the COVID-19 pandemic's remote work shift. Although there are numerous operational and business benefits, as CPS-environments expand, so does the threat landscape, with cyber actors exploiting the shift to achieve geo-political and malevolent objectives.
Consequently, organizations face challenges of balancing remote access needs with significantly heightened risks. Coupled with increased regulatory pressures, these challenges underscore the importance of secure remote access to CPS environments. IT and OT professionals report that 25% of organizations perceive remote access and asset management as the principal chink in their operational technology (OT) cybersecurity armor.
Additionally, 55% of organizations currently deploy four or more remote access tools in their industrial network. Many times, these solutions are non-PAM tools, and are intended for personal desktop use, and lack basic security controls such as multi factor authentication (MFA), session recording, and granular access controls.
While IT-specific solutions may be used for IT-specific purposes, their existence within industrial and healthcare environments can create a critical exposure for the network. According to Gartner, these approaches have “proven increasingly unsecure and complex to manage. They also often lack the granularity to provide access to a single device, providing access to the entire network instead.”
The presence of multiple remote access tools within an environment also create compounding security concerns that include:
Lack of visibility: When using their own vendor-specific solutions, network administrators and security personnel have little to no visibility of what remote users are doing on the network.
Increased attack surface: More external connections into the network mean more potential attack vectors. These connections many times lead to substandard security practices or leaked credentials that can be used to penetrate the network.
Complex identity management: With multiple remote access solutions in use, organizations may struggle to create consistent administration and governance policies surrounding who has access to the network, to what, and for how long. This increased complexity can create blind spots in access rights management.
These compounding challenges have created the need for a secure remote access solution that can effectively increase productivity, minimize risk, and reduce complexity in remote operations while helping users maintain compliance within a growing regulatory landscape.
Enter: Claroty xDome Secure Access
Claroty has redefined cyber-physical systems (CPS) protection with our remote access solution that is now available in the cloud. As a cloud solution, xDome Secure Access is equipped with real-time updates that eliminate the need for scheduled solution downtime and streamline rollout measures across multi-site deployments. Cloud solutions also provide increased security and a more seamless, simplified deployment model that reduces overall total cost of ownership (TCO) by removing the need to deploy and monitor physical infrastructure.
This release furthers Claroty’s goal of providing a fully unified xDome Platform that includes Secure Access alongside our other core CPS cybersecurity controls — including exposure management, network protection, and threat detection. By leveraging the broader xDome Platform’s visibility and network protection capabilities, users will be able to seamlessly provision, administer, and govern access to a complete CPS inventory while strengthening access controls to align with broader network communication policies.
By weaving secure access policies and session records into the broader xDome Platform, users will be better equipped to identify, assess, and prioritize their response to risk exposures and investigate threats that arise from remote sessions. With an enrichment of cross-functional use cases, delivered on one unified, built-for-CPS platform Claroty xDome is the CPS protection platform to reduce cyber risk with a faster time-to-value and lower cost of ownership in the age of rapid connectivity.
Recognizing that no two CPS environments are identical, the flexibility of our cloud and on-premise deployment models allows us to provide critical-operations-specific remote access regardless of an organization’s geographic spread, network architecture, or cloud maturity — and, enables organization to meet the following business outcomes:
Business Outcome #1: Increase Productivity
xDome Secure Access is designed specifically for the OT domain, providing seamless access for both first- and third-party users. Our solution effectively reduces Mean Time to Repair (MTTR) by facilitating quicker issue resolution, operating under low bandwidth conditions, ensuring high system availability, and upholding critical site survivability. By integrating these capabilities, our solution ensures that critical systems remain both operational and secure, even in the most demanding conditions.
Business Outcome #2: Reduce Risk
Claroty xDome Secure Access incorporates a tailored Zero Trust framework that is further enhanced by privileged access management (PAM) capabilities and identity governance and administration (IGA functionality). Additionally, our solution allows you to manage the entire identity lifecycle, from initiation to retirement, with the utmost precision and security. Through these features xDome Secure Access provides strong security controls to protect your organization's OT systems against unauthorized access and identity risks.
Business Outcome #3: Reduce Complexity
xDome Secure Access significantly reduces administrative complexity with its scalable architecture. By operating seamlessly both on-premises and in the cloud, our solution caters specifically to the unique demands of the OT environment. xDome Secure Access is also designed to simplify administrative tasks that require constant operational control — integrating seamlessly with leading Identity and Access Management (IAM) tools to enhance identity management and enable centralized site management and policy creation.
Business Outcome #4: Maintain Compliance
xDome Secure Access provides users with the necessary controls for real-time logging and auditing of user identities, which are crucial for maintaining comprehensive audit trails and meeting regulatory requirements. By complying with organizational standards and ever-changing regulatory requirements our solution can help protect your organization against potential legal and financial penalties.
To learn more about this latest release and how Claroty xDome Secure Access can support your CPS security journey, please check out our Secure Access webpage, read the press release, or simply request a demo.
