Recent reports on the stealing of sensitive data from global companies bring industrial espionage to the forefront of the discussion. This subject is increasingly part of the real world of critical infrastructures since, in an extremely competitive and globalized market, ethical competition is often overlooked, causing the incessant pursuit of secret information from competing companies.
Do not let confidential data from your automation plants be stolen. Get to know our solutions for data security.
With the entry into force of the LGPD / GDPR, General Law on Data Protection, Brazilian companies of all sizes will have to invest in data security and implement compliance systems to detect and prevent violations of personal data, avoiding penalties and fines that can reach up to 50 million reais per incident.
The introduction of the LGPD / GDPR has business impact as it forces utilities to re-evaluate their data collection, security, and upgrade policies of existing systems to minimize possible leakage of sensitive information from individuals.
Figure: Data privacy for utilities
How can TI Safe help?
Ti Safe offers utility companies a set of solutions for the implementation of LGPD / GDPR requirements in their IT and Automation infrastructure. This set of services and technology solutions called LGDP / GDPR for utilities is based on the ICS.SecurityFramework® methodology and divided into implementation steps as follows:
1) Development of Risk Analysis in IT and TA networks
The. Understanding risks on networks where data travels and is hosted
B. IT and TA networks are analyzed
2) Security planning and data protection
The. Description of the needs of cyber security policies and controls for private data protection
B. Review of access control of sensitive data in IT and ATM networks, including verification of current authentication mechanisms and proposed improvements
W. Indication of the need to purchase security solutions to protect sensitive data
3) Deployment of security solutions
The. Implementation, customization, integration and training in technological solutions to protect confidential data such as:
* Security policies and procedures
* Sensitive data flow control
Strong Authentication Mechanisms
* Anonymization of private data using encryption
4) Continued compliance management via ICS-SOC®
The. Management of process security and solutions related to LGPD / GDPR
B. Maintenance of up-to-date evidence
W. Generation of reports for external audits
d. Generation of evidence for the government in case of audit or data leakage from IT networks and / or TA
and. Response to private data leakage incidents
f. Specialized legal support
Count on us to assist in the implementation of LGPD / GDPR in your company.
In industrial environments, access control should be a point of extreme attention to ensure that the same connection used by users is not an opportunity for hacker attacks.
Although remote access is already present in most companies, many weaknesses are related to this mechanism and significantly increase the risks for your plant:
Weak authentication: “User and Password” authentication can suffer from brute force attacks to the installation of keyloggers on remote users' machines;
Use of unreliable machines: a remote machine contaminated by malware can contaminate the control network and freeze the operation of the control systems;
Use of untrusted networks: the Internet and public wi-fi networks are insecure channels for transmitting data and can be spied on (using sniffers);
Vulnerable technologies: browsers are vulnerable and there are numerous attacks that exploit their weaknesses;
Poor traceability: difficulties in identifying who accessed the network.
Most infections and cyber attacks exploit these vulnerabilities. According to the ISA / IEC-62443 standard, there are steps that must be followed to ensure the security of remote access. Are they:
1 step: Identify user, computer and network: use double factor of authentication. Network authentication must take place over a secure connection using strong encryption;
2 step: Users' credentials must be validated and must grant access to a segregated network: from that point, the user will be able to open a remote terminal service, which will allow him to access the systems authorized to him in the automation network;
3 step: The terminal environment should be protected against malware, have user-specific access permissions, and constant monitoring (logging and session recording).
Figure: Steps for secure remote access to industrial systems
To ensure security in remote access to automation plants, the TI Safe ICS-SOC team offers the solution ICS.SecureRemoteAccess, applicable to all critical infrastructures, and which implements all the security steps mentioned by the ISA-IEC-62443 standard. The figure below shows the solution architecture:
Figure: Operational architecture of the TI Safe ICS.SecureRemoteAccess solution
ICS.SecureRemoteAccess offers a secure means of communication between the remote user and the operational control center with double factor authentication. The solution is managed and monitored 24x7 by the TI Safe ICS-SOC team.
The deployment is done remotely and without the need to visit the customer's premises.
In addition to being necessary for remote work during pandemics, the solution also meets the requirements of LGPD, GDPR and meets the new cyber security network procedure for power plants that is being developed by ONS.
Sign in contact for more informations.
Digital certification enables the transfer of existing credibility in the real world to the virtual environment. Trust and integrity are obtained through mathematical relationships within the so-called Public Key Infrastructure (PKI). In Brazil, electronic documents signed with a valid digital certificate by ICP-Brasil have legal value, and are legally accepted in the same way as paper documents signed by the pen and registered in a notary's office.
Security of systems based on digital certification is directly associated with the security of the storage of your private keys. These keys must be stored in Encryption Modules (Hardware Security Modules - HSMs), which guarantee its inviolability, besides offering performance in the tasks of encryption, digital signature and verification.
TI Safe has extensive experience in deploying Public Key Infrastructures that enable the use of digital certificates for signing and encrypting confidential documents and are used to ensure the integrity and confidentiality of documents, avoiding industrial espionage.
Figure: HSM Safenet Luna, network model (left) and PCI (right) - Used for encryption and large-scale digital signature