xDome Secure Access is the industry’s only secure remote access solution that is both purpose-built for operational technology (OT) environments and fully integrated as a native component of a comprehensive OT security platform. The myriad unique benefits xDome Secure Access delivers range from the ability to easily offer, secure, and control OT remote access, to minimizing the risks posed by remote OT employees and third-parties, to enabling customers to adapt their incident management function for a remote or distributed workforce, among others.
The following success stories highlight a few ways in which Claroty customers have capitalized on these and other benefits of xDome Secure Access to fulfill their OT security and risk management objectives:
xDome Secure Access Success Story #1
xDome Secure Access Empowers Clean Energy Leader to Minimize Onsite Staff, Adapt Industrial Operations and Cybersecurity for a Remote Workforce amid COVID-19
Customer Background:
A leading producer of sustainable fuels initially deployed The Claroty Platform’s Continuous Threat Detection (CTD) component to support asset inventory, threat detection, and risk and vulnerability management for the widely distributed OT environment spanning each of its fuel production plants. Shortly after the COVID-19 pandemic began, the customer also chose to deploy the platform’s xDome Secure Access component to provide remote access and monitoring for these plants.
Primary Objective for xDome Secure Access:
Adapt fuel production operations and cybersecurity posture to the unprecedented risks, changes, and challenges imposed by the COVID-19 pandemic.
xDome Secure Access Results:
Significant reduction in the number of onsite personnel required to maintain the critical industrial systems at each plant
Rapid expansion of the remote workforce without impacting the efficiency or effectiveness of industrial operations or security at each plant
Ability to remotely audit industrial systems and remote connections to such systems
Seamless — and entirely remote — deployment of new OT technology at multiple plants located more than 2,000 km away from company headquarters
Ability to remotely audit all onsite personnel’s interactions with industrial systems
Expanded coverage and quality of support to industrial systems with decreased travel required of personnel • Increased reliability of industrial systems
xDome Secure Access Success Story #2
Global Beverage Manufacturer Uses xDome Secure Access to Minimize Third-Party Risk, Preserve Process Integrity at Water Treatment and Bottling Facilities Worldwide
Customer Background:
A global beverage manufacturer needed to address the serious risks posed by the hundreds of third-party contractors responsible for remotely servicing the industrial systems underpinning its water treatment and bottling facilities. Any changes to OT process values at either type of facility could result in dangerous contamination of the manufactured beverages, but the company lacked the ability to effectively monitor for — and respond to — these types of changes due to the complex, geographically distributed architecture of its OT environment, reliance on remote third-parties to maintain that environment, and limited visibility into those third-parties’ activities.
The company turned to Claroty for assistance minimizing these risks, choosing to deploy CTD to gain OT visibility and xDome Secure Access to provide its fleet of contractors with an easier and more secure way to remotely access and maintain its water treatment and bottling infrastructure.
Primary Objective for xDome Secure Access:
Minimize the risks introduced by the hundreds of third-party contractors responsible for remotely maintaining water treatment and bottling facilities.
xDome Secure Access Results:
Ability to easily and securely access, service, and monitor industrial systems at water treatment and bottling facilities from any location
Elimination of direct connectivity between remote third-party contractors and OT assets, thereby reducing the attack surface for water treatment and bottling facilities
Reception of real-time alerts for unauthorized remote connections and/or activities that could impact OT process integrity at water treatment and bottling facilities
Ability to seamlessly investigate and respond to such alerts by viewing — and, if deemed necessary to contain an incident, disconnecting — live xDome Secure Access sessions
Enforcement of granular policy- and role-based administrative controls for OT remote access — including for contractors responsible for servicing water treatment and bottling facilities — in accordance with Zero Trust and Least Privilege security principles
Reduced exposure to cybersecurity risks posed by remote third-party contractors
Preserved process integrity and increased reliability of industrial systems
xDome Secure Access Success Story #3
xDome Secure Access Enables One of Europe’s Busiest Airports to Secure and Control Remote Access to Building Management Systems
Customer Background:
Transporting more than 2.5 million tons of cargo a year, one of Europe’s busiest airports for passengers is also a hub for freight shipments, forwarding companies, and couriers, making it a vital link in the supply chain for businesses in more than 100 countries. Fundamental to this role in the global supply chain are miles of automated conveyor belts that enable cargo to move reliably and safely throughout the airport.
These conveyor belts are controlled by a building management system (BMS) that is monitored and serviced remotely by OT personnel located in a separate facility adjacent to the airport’s main premises.
All such remote connections to the BMS had historically occurred over VPN and therefore could not be fully controlled, monitored, or prevented from inadvertently introducing malware or other risks due to inadequate security hygiene, unintentional errors, or insider threats. Recognizing the critical need to mitigate these risks and the various operational challenges posed by VPNs, the airport turned to Claroty and opted to deploy xDome Secure Access.
Primary Objective for xDome Secure Access:
Equip OT personnel with a highly secure, controlled, and efficient way to monitor and service the airport’s BMS and ultimately preserve the safety, reliability, and integrity of its automated conveyor belts and the precious cargo they transport.
xDome Secure Access Results:
Ability for OT personnel to seamlessly access, monitor, and the service the BMS and connected systems safely and securely from any location
Complete disconnection of the BMS from the airport’s corporate VPN within days of xDome Secure Access deployment, rapidly reducing the attack surface
Segregation and control of OT personnel’s BMS access privileges based on role, policies, activity, and timeframe
Ability to fully monitor, investigate, and disconnect OT remote connections to the BMS
Ability to more efficiently and effectively preempt conveyer belt malfunctions and alert onsite staff, resulting in faster response and remediation times and reduced disruption
Preserved process integrity and increased reliability of automated conveyor belts
Reduced exposure to cybersecurity risks for the airport’s OT and corporate networks
About Claroty xDome Secure Access
Claroty xDome Secure Access delivers frictionless, reliable, and highly secure remote access to OT environments for internal and third-party users. Unlike traditional remote access solutions—most of which are designed solely for IT networks—Claroty xDome Secure Access is purpose-built for the specific operational, administrative, and security needs of industrial networks. The result is a unique solution that reduces your mean-time-to-repair (MTTR), minimizes the cost and complexity of configuring and administering access for your OT remote users, and diminishes your OT environment’s exposure to the risks posed by unmanaged, uncontrolled, and unsecured access.
