How to secure wireless industrial networks?
Industrial telecommunications networks have expanded substantially in recent years with the addition of wireless technologies. The use of Wi-Fi has opened up a host of possibilities for operational technology (OT) networks, but since it also exposes them to new threats, close monitoring and precautions are essential.
Industrial Wi-Fi networks are increasingly common
Historically, OT networks involved wired technologies only. They were mainly composed of industrial programmable logic controllers (PLCs) that required physical connections.
But the Internet of Things (IoT) has added another dimension to OT networks, and new trends such as the widespread use of sensors have made it difficult—if not impossible—to use cable connections between devices. Meanwhile, the rise of mobile technologies has also prompted companies to switch to wireless communications in their industrial environments. Today, Wi-Fi isn’t just available in offices, it’s also common in factories and warehouses.
New cybersecurity threats
Using Wi-Fi to connect OT devices has led to unprecedented security challenges. In the past, you had to be standing right next to a machine if you wanted to start it, stop it or change its operating speed. The need for physical proximity provided a certain degree of control over who could access the equipment.
But adding wireless communications to an OT network makes it inherently vulnerable to being accessed by unauthorized users, such as employees from other departments, customers or suppliers visiting the site. The wireless range might even allow someone parked nearby or driving past to access the network.
The problem is that corporate Wi-Fi networks are often less secure than physical communication networks. Since they’re perceived as less critical, these networks are a convenient way for employees and visitors to access the Internet, especially using their personal mobile devices.
8 tips for making wireless OT networks more secure
Wireless production or logistics equipment should be treated with the same care and attention as traditional OT networks.
Here are some practical tips for securing a wireless OT network:
- Hide the network SSID so that unauthorized users can’t see it on their mobile devices.
- Don’t assign a generic or obvious name to the SSID. Specifically, forget using the company name or key terms like “wireless,” which make it easier for unauthorized users to connect to the network.
- Keep access points off-limits and under lock and key to prevent individuals from pressing the reset button or adding an electronic “sniffer”.
- Create a whitelist of devices that are authorized to connect to the network.
- Split the wireless network into sub-networks for different usage types. For example, warehouse employees whose job involves scanning bar codes shouldn’t use the same wireless network as temperature or pressure sensors.
- Encrypt data carried over the network to make it unusable and worthless outside the company.
- Actively manage access point firmware to keep it up to date and prevent exposure to known threats.
- Continuously monitor the network to make sure data traffic volumes and paths are consistent with expectations. This will allow you to quickly identify suspicious discrepancies.
At NOVIPRO, our experts are up to date on the latest trends in wireless networking. Since we’re familiar with the constraints affecting the industrial and commercial sectors, we can help you improve your OT network security and monitoring, two key components in protecting your business continuity. Talk to us about your IT and telecommunications challenges. We’re here to help.