Rss

    SCADA considerations

    Procedures

    • Corporate Information Protection
    • Security Management
    • Information Classification
    • Physical (and Environmental) Security
    • Personnel Security
    • Security Awareness Training
    • Security Incident Response
    • Security Monitoring
    • Network Security
    • PC/Workstation Security
    • Support and Operational Security Related
    • Encryption and Information Confidentiality
    • Authorization Controls
    • Identification and Authentication Mechanisms
    • Systems Life Cycle Security
    • Business Continuity Planning
    • Media Security
    • Third Party Services

    Typical concerns and points discussion:

    • Inbound and out Bound FTP
    • Suggest use of DMZ
    • Suggest use of Secure FTP
    • Suggest use of restricted secure IP addresses / tunnelling
    • Suggest use of private feeds

    Modem issues used with dial in services

    • No dial back
    • No Authentication
    • No Secure ID
    • Possibly automated scripts used, so hard coded usernames and passwords used.
    • Internet sharing may be turned on, allowing routing via workstations.

    Increased data security and integrity considerations

    • Data backups
    • System redundancy
    • Site and content filtering
    • Virus protection
    • Standard system procurement (discounts and spares)
    • Network and services redundancy
    • Network monitoring
    • Service availability monitoring
    • Internal controls
    • Vendor / external service supplier
    • Capacity management
    • Change management system
    • Asset management system
    • Telecommunication and telephony bulk cost discounting
    • Etc.

    Use and support for corporate application considerations

    • Email
    • Intranet
    • Internet
    • Corporate virus protection
    • Asset management
    • Change management
    • Project management
    • Performance / capacity management
    • Reduction of Cost
    • Use of corporate applications
    • Reduction of manual processes

    Other things to keep in mind:

    • SCADA monitoring system must be isolated from network errors and systems events. This will prevent SCADA operational systems being effected by network or corporate system issues / outages.
    • Review Network topology to ensure internal and external vulnerabilities are not currently being and cannot be abused.
    • Review of router configurations
    • Use of change management system
    • Review remote dial in systems
    • Firewall SCADA systems off from corporate applications
    • Uncontrolled networks and systems within the SCADA environment will compromise the corporate environments integrity and security.
    • Determine if systems used within SCADA are built to a standard operating environment.

    Comment (1)

    1. There is some fantastic info here I will certainly take note

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.