Whether you operate in remote, geographically challenging locations, rely heavily on vendor support remotely for your systems, or otherwise need to enable access to staff and others at home, afield or afloat, remote access is central to your security planning. As the U.S. Federal Government continues to build towards a future that is increasingly distributed, the Zero Trust initiative and other similar programs count on Civilian agencies and Service Branches to address the security of remote access of any flavor.
Remote access administrators, both in IT and OT, must balance convenience for employees and vendors, and security for their organization. And air-gapped or segmented networks become even more challenging. This means an OT engineer or contractor will need to traverse a maze of firewalls, VPN, authentication, more firewalls, jump servers, and more authentication to finally reach an asset and start repair work.This means great complexity, and leaves many opportunities for failure with:
Increased mean time to repair (MTTR)
Overall, often reduced efficacy with the tasks at hand
But OT assets regularly need to be accessed by internal users and third-party vendors.
Access needs to be quick and reliable. Mission-critical operations, emergencies and other situations do not afford time for multiple tiers of authentication, VPNs, jump servers, etc.
Administrators need to know and control who is logging in from where, for what purpose, and evaluate the legitimacy of requests.
Claroty – through the Claroty Secure Remote Access product - can help by providing:
Zero Trust-based access controls
Streamlined access for third and “fourth” parties
Full auditing and screen recording of remote sessions
Auto-shutdown of suspicious or unwanted remote sessions
Role Based Access Control (RBAC)