Professional Documents
Culture Documents
Practical Guide For Remote Access To Plant Equipment 58
Practical Guide For Remote Access To Plant Equipment 58
At a minimum, two-
factor authentication (TFA) should be required for any individual to gain
access to the system. This should be structured for not only Remote Access
but any local network connections as well. This should be applied at the
network connectivity level since most industrial devices do not have TFA
as part of the product. Individual logins and an audit trail would be ideal for
tracking and tracing any issues and mitigating risk. One must know who was
in the system by the individual, not just group access.
Devices chosen to create bridges or tunnels to the outside must not have
any method that leaves the connection open, whether on purpose or
accidentally. Some devices provide a key switch to enable a connection to a
device. Procedures must be in place to ensure these physical switches are
not left open.