Table of Contents
Advertisement
Security Considerations
Security control recommendations are provided hereby to avoid unauthorized external access that may
result in the following:
• Loss of system availability.
• Incorrect execution of controls causing damage to the plant, or theft or contamination of the
product.
• The capture, modification or deletion and loss of data.
Caution:
The caution warns you of possible damage to property and provides instructions to
avoid damage to Mini-AT.
Security Control Recommendations:
• Device Isolation:
o Isolated Solution
Restrict physical access to the device and other network devices in the network.
The device must be physically protected in locked cabinets, and logically protected with
passwords to prevent tampering.
Isolate the device from the other computer networks.
o Control Room Isolation
Isolate devices to the process control network, following best practices.
Logically segment process control system networks into multiple segments (such as
control network, supervisory network, non-control system network, business network).
o Provide Remote Access/Isolation
Use VPN and Business Firewall to prohibit or restrict unnecessary network traffic into
control system networks from non-control system network and vice versa.
• MDM Communication
Secure the communication between the device/cellular network and the remote MDM host,
o
over a private VPN IPsec tunnel.
Use a firewall and secure the local area network connecting VPN Gateway and server
o
hosting MDM/host application.
• Key Management Recommendation
Avoid using default and common credentials.
o
The user is strongly advised to change the default password for device access during
o
installation. Also, the user is strongly advised to periodically change the password of the
device as per respective organization policies.
Follow standards and / or best practices for key management (e.g.: NIST, ISO)
o
151
Hide quick links:
Advertisement
Table of Contents
