Role-based access control (RBAC)
Flexible segregation, segmentation restriction management with access groups, workflow approvals and extenders
3rd party access management
Easy to use by the supply chain and external contractors - and for auditing their remote access
Swiss army knife of tech for Industry 4.0
Comprehensive functionality for OT targets & applications in the hybrid cloud, including RDP, VNC, HTTP(S) and SSH
OT ICS cybersecurity for Industrie 4.0 and IIoT in IT/OT convergence
System uptime is critical in IIoT/OT environments, and it requires constant monitoring and management of the devices and systems within them. Access to resources must be governed, identified, authorized, approved, audited and monitored in a secured and restricted manner. Proper secure access must be implemented in accordance with regulations, directives and practices, such as the EU Network and Information Security (NIS) Directive, NIST, IEC 62443 and ISO 27001.
With cloudification and IT/OT convergence, site engineers, administrators, maintenance personnel, remote operators and consultants access OT targets remotely, including:
- Industrial control systems (ICS)
- Supervisory control and data acquisition (SCADA)
- Programmable logic controllers (PLC)
- Discrete process control systems (DPC)
- Human-machine interfaces (HMI) and remote terminal units (RTU)
The EU Commission has estimated a 22 % increase in costs for implementation of NIS 2.0.
In Q1 2021, there was a massive increase in attacks against VPN services, driven by the popularity of remote work.
Zero Trust prioritized in the US
“...[Advance] toward Zero Trust Architecture; accelerate movement to secure cloud services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS)” - Executive Order on Improving the Nation’s Cybersecurity.
Faster operations with automation
Secure access made fast and easy
Keep your joiners, movers and leavers in sync with the targets they need to access automatically. Enjoy a minimized need for manual configurations or maintenance.
PrivX OT Edition is based on cloud-native architecture with microservices and open REST APIs for all functions. That's why it is light on hardware requirements but great on scalability, resiliency and high availability (HA) in any technological context.
Fast and flexible to deploy
Deploy PrivX OT Edition to:
- Cloud (AWS, Azure, GCP), private clouds and virtual machines (VM)
- On-premise (datacenters or manufacturing sites)
- Hybrid and legacy environments
Zero Trust access with no leave-behind credentials
Users and secrets managed
Identified and audited
Clear and easy-to-use
- workflows for managing roles, approving sessions and segregation of access to targets and sites
- on-site and off-site secure access for 3rd parties, remote operators and maintenance engineers
- multi-factor authentication (MFA), role-based access control (RBAC), audit trails and session recording.
Centralized control room
PrivX OT Edition synchronizes identities from multiple directories, including Active Directory (AD), Lightweight Directory Access Protocol (LDAP) and OpenID, and maps them automatically to the right roles. All accessible targets are managed under a single pane of glass.
Easy to use and secure
Enhance productivity through single sign-on (SSO) and an HTML5 ‘thin-client’ user interface. No software agents on the client or the server, no complex configurations. Just-in-Time Zero Trust access without credentials left behind for misuse.
Compliant secure remote access
Comply with regulations
The ISA/IEC 62443 Industrial Automation and Control Systems Security series of cybersecurity standards is applicable to automation and control system applications.
ISO 27001 is one of the most recognized industry standards. In particular, Annex A.9.1 of ISO 27001:2013 focuses on the business requirements of access control.
The European Network and Information Security Directive (NIS) is applicable to measures for the security of network and information systems across the Union.
A Marine Vessel Operator Secures Remote Access and IoT Data Collection
Premise: With the help of IoT sensors, on-board computing, satellite communication and cloud-based analytics, the customer aimed to enhance operational profitability. However, connectivity from the public cloud environment to mission critical vessel systems came with risks.
Challenges: Limited transparency into remote access, with no visibility into the sessions. The VPN connections to the ship networks were always on. Indiscriminate access to all areas once logged in to the VPN service. Untracked and unidentified connections to ship subsystems. Shared accounts and manually managed access credentials.
Change: Increased transparency and compliance via audit trail and session recording. Secrets secured and managed centrally for risk mitigation. Automated linking of roles to identities. Just-in-Time (JIT) access granting and revocation with least privilege for granular security. Scalable cloud deployment and increased level of automation for easy fleet expansion.
Why the Manufacturing Industry Should Get Serious About Zero Trust and Just-in-time Access
IT/OT convergence is shaking up the utility, transportation, energy and manufacturing industries. Learn why secure remote access is at the center of this transformation and how companies can protect their critical operations.
Zero Trust remote access for OT
White Paper: Secure Access Management for Operational Technology (OT) and Critical Infrastructure
Learn why OT and IIoT need to transcend VPNs, firewalls and various remote access tools to stay safe from threats and risks. Fill in the form to get your copy of this White Paper by SSH.COM.