Remote work is widespread now, but it makes sense that technology that enables remote connectivity is still a frequently discussed topic in industrial automation. Whether it’s about how it works or how it stays secure, it’s important that you understand how remote connectivity works if you intend to use the technology in your application.
One aspect that’s not covered below is some introductory advice: For an industrial, commercial application, you will need a solution designed for that. A standard free desktop application for your computer or something that you might use for personal remote use isn’t up to the same standard as something designed to stay secure and access equipment that in some cases is countries away.
OK, here we go!
Q: What security aspects should I consider?
A: There are a few security measures we recommend looking for, including:
· No software to install or maintain: This is a major entry point for hackers, and requires your team’s time to maintain. Instead, opt for a service that the provider maintains (while ensuring data stays private).
· App-based two-factor authentication: You know those codes you get automatically sent to your phone for personal website logins? Yep, you want something different for this type of application. This authentication is a stronger way to verify you are who you say you are and should have access to your equipment.
· User-defined password policies and single-sign on: These are must-haves for some companies’ IT teams, and with good reason. These password policies and SSO give your company more control over access, and helps avoid weaker password questions. In addition, when team changes occur, SSO can help ensure access stays up to date.
Q: As a system integrator, I have to remotely connect to clients’ equipment sometimes. How can I reassure them on the security of an outside vendor connecting to their devices?
A: This is a valid concern for end users for any short- or long-term vendors they work with, so it’s great to proactively address it. We recommend option for a platform that allows your client to control what equipment you have access to; the time you’re able to connect; and the duration for connectivity. As an added safety and regulatory measure, it’s best to keep an automatic log of this usage; some platforms automatically offer this audit log.
Q: I have to reach some very remote spots. Can the connections really work there?
A: Yes! The ubiquitous nature of cellular communications have made this type of connectivity a reality for even the hardest-to-reach locations, including mining areas and other harsh environments for traditional connectivity methods.
Q: How is the connection formed?
A: Different platforms may have their own specific techniques. But generally a secure VPN connection is created between the platform and the gateway or device you’re monitoring. Using a platform that has one-time-use VPN tunnel connections is ideal from a security standpoint.
Q: Can I use it with my own cloud center, or have an on-premises deployment?
A: Some platforms (including Belden Horizon Console) have this as an option for companies that prefer to stick with an existing cloud tenant or private center, or require on-prem deployment for regulatory or security reasons. For on-prem deployment, experts are also available to help with installation and maintenance.