AutoSave Protection and Recovery Solutions

CyberSecurityIcon_website
MDT AutoSave addresses a critical aspect of security not addressed by data access & network monitoring applications:
The Intellectual Property in your Device Programs

Manufacturing is the second most commonly targeted industry by attackers and many attacks are successful due to the many vulnerabilities that exist in the manufacturing environment.

 

Employees/contractors: In 2015, 60% of all attacks were carried out by insiders; employees or anyone who has access to a company’s assets (i.e. contractors.) [1]

 

Internetworking: New business models related to the Internet of Things (IoT) have made manufacturers more vulnerable as both the industrial and business networks are interconnected to the internet and no longer separated, expanding the attack surface.

 

The automation layer: One of the easiest and successful way to launch an attack in a manufacturing facility is to change an automation device’s program data. “While a predefined set of process parameters can be changed through HMI/SCADA applications, the logic maintained on the controller defines the process flow and its safety settings. Therefore, changing the controller logic is both the easiest and most successful way to cause such disruption.” [2]

 

[1] IBM X-Force® Research “2016 Cyber Security Intelligence Index”
[2] “Cyberthreats Targeting the Factory Floor” IndustryWeek article, Barak Perelman, August 2016

Regardless of how a threat occurs, MDT AutoSave gives you the ability to:

PREPARE
Secure your program intellectual property
AutoSave saves a copy of each program revision in a central repository. Access to program folders and programs is managed by via a flexible privileging system.
DETECT
Detect changes made outside the change management system
AutoSave compares the latest program copy on file in AutoSave with the program running in each device to identify any differences. If differences are found, the appropriate people are notified with an email highlighting the differences.
RECOVER
Rapidly recover from unauthorized changes.
With an archive of all program revisions, you can quickly restore the latest approved program after an unauthorized change.   
Tracking Firmware Versions in Automation Devices

AutoSave can track data such as firmware, software and CPU versions in automation devices from the following vendors: Siemens, Schneider, Mitsubishi and Rockwell (support for additional device types and automation vendors will be added soon.) The capability to easily and automatically identify this information, for comparison against published threat reports, will greatly aid automation users to address vulnerabilities in their devices. Read more here.

Tripwire Data Collector Cybersecurity Solution Integrates with MDT AutoSave

The Tripwire Data Collector product provides enhanced visibility of cyber risk through its unique ability to harvest asset data using native industrial protocols, standard IT protocols, and integrations with intermediary software applications. In integrating with MDT AutoSave, it can gather and assesses data from devices that have typically been inaccessible to security teams before, while still maintaining a no-touch approach to avoid disrupting operations. Read more here.

Tripwire
Find out more on how AutoSave can protect your plant from threats and recover quickly from unauthorized changes

(Click to enlarge infographic)

What is your Disaster Recovery Plan?