The importance of data security in manufacturing
The manufacturing industry is now one of the most frequently hacked industries, coming second only to healthcare, according to IBM’s 2016 Cyber Security Intelligence Index. The vulnerability often lies in businesses believing that they’re not likely targets because they don’t hold vast amounts of consumer data and therefore, they don’t concentrate on cybersecurity.
But if the last year has taught us anything, it’s that the industry is far from immune. Only in August, researchers at Kaspersky Lab revealed a sophisticated cybercrime operation targeting more than 130 manufacturing, industrial and engineering firms across the world. Operation Ghoul used email phishing tactics to spoof letters from banks in an attempt to get unsuspecting recipients to hand over sensitive corporate information.
With the rise of the Internet of Things in manufacturing, the impact on security only gets more complex. For example, what would it mean to BMW if their customer’s car is sending over data on diagnostics, allowing remote control and potential hacking? It’s no longer traditional computers that are the gateway to a business; cars, thermostats and home appliances all need to be considered.
Without wanting to be alarmist, a good place to start for a business reviewing its security provision is to consider the impact of any potential hack. Manufacturing is a broad church but every company is going to have its own set of “crown jewels”, the loss of which would be devastating. In a world in which competitive advantage is everything, imagine sensitive customer information, or a design that you’ve spent millions developing over several years suddenly getting into competitors’ hands. According to a report by Sikich, the cybersecurity risks to the manufacturing sector include everything from operational downtime, to physical damage, product manipulation and the theft of intellectual property and sensitive data.
It would be fair to say that, as a sector, manufacturing has been slightly slower than some to react to the threats of cyber-attacks and hacking. This may well be due to its deep roots, its traditions and history and the perception that what matters most is the quality and cost of your product rather than the IT systems. Of course, this is a generalisation and there are many high-end manufacturers for whom cutting edge computing is not just a business support but is central to everything they do. However, for the smaller company, a simple decision about where you save all the files and customer information, a decision that can have significant consequences for data security, may not have had the due-consideration that the modern world demands.
Perception is also a significant factor here. No manufacturer works in isolation and a reputation for lax security is going to be potentially harmful to all manner of crucial relationships. If you are manufacturing items on behalf of someone else then secure IT systems are an absolute must; in a buyer’s market, you simply can’t afford to appear more vulnerable than a competitor. Likewise, if your company is looking for investment, then you’re going to be an inherently less attractive prospect if you’ve a history of poor security.
So what steps can a manufacturer take to prevent a serious hacking attack or data breach? Firstly, it’s vital for data security to be treated as a business issue, as opposed to just an IT problem. This is about more than just changing passwords regularly; time and should be taken to develop a comprehensive information security plan. Employees should be trained and certified as required, and the possibility of an insider threat should not be underestimated. The ubiquity of email brings with it is own set of security problems so ensure that staff are briefed on the basics and report any suspicious attachments or links.
Another crucial piece of advice would to be consider what customer data is stored in proprietary cloud-based systems. One of the main concerns for organisations is that information stored in the public cloud is beyond its control. Imagine investing in the best security tools and having the most sophisticated authentication protocols, but still being at the mercy of your cloud vendor’s security mechanisms for managing your most precious asset, your customer data. Your top-notch information security team has no visibility into those security controls, and you have no way to move to another CRM cloud vendor if those security mechanisms are challenged or, worse, fail. It’s not a comfortable feeling. Couple the loss of control with the media’s constant reporting of embarrassing high-profile data breaches and the unease about having customer data exposed grows. This is understandable, given the obvious consequences: compromised reputation, lost business, and fines levied for regulatory violations.
At SugarCRM, we’ve met this challenge head-on and by partnering with IBM Cloud our technology can be deployed across bare metal cloud servers, dedicated off-premise clouds or private cloud environments behind the firewall, all of which provide a level of security far beyond what’s available via public alternatives.
This is of course just one option amongst many but I’m confident that our customers can get on with running their business without worrying about the vulnerability of their CRM data. I’d wish the same for all companies, large and small, within the manufacturing sector. Once you’ve achieved peace of mind about your IT systems then, regardless of the headlines, you can dedicate your time to overseeing the success of your business; and there’s little more satisfying than that.
Tanmaya Varma, Global Head, Industry Solutions, SugarCRM
Follow @ManufacturingGL and @NellWalkerMG
Siemens: Providing the First Industrial 5G Router
Across a number of industry sectors, there’s a growing need for both local wireless connectivity and remote access to machines and plants. In both of these cases, communication is, more often than not, over a long distance. Public wireless data networks can be used to enable this connectivity, both nationally and internationally, which makes the new 5G network mainframe an absolutely vital element of remote access and remote servicing solutions as we move into the interconnected age.
Siemens Enables 5G IIoT
The eagerly awaited Scalance MUM856-1, Siemens’ very first industrial 5G router, is officially available to organisations. The device has the ability to connect all local industrial applications to the public 5G, 4G (LTE), and 3G (UMTS) mobile wireless networks ─ allowing companies to embrace the long-awaited Industrial Internet of Things (IIoT).
The router can be used to remotely monitor and service plants, machines, as well as control elements and other industrial devices via a public 5G network ─ flexibly and with high data rates. Something that has been in incredibly high demand after being teased by the leading network providers for years.
Scalance MUM856-1 at a Glance
- Scalance MUM856-1 connects local industrial applications to public 5G, 4G, and 3G mobile wireless networks
- The router supports future-oriented applications such as remote access via public 5G networks or the connection of mobile devices such as automated guided vehicles in industry
- A robust version in IP65 housing for use outside the control cabinet
- Prototypes of Siemens 5G infrastructure for private networks already in use at several sites
“To ensure the powerful connection of Ethernet-based subnetworks and automation devices, the Scalance MUM856-1 supports Release 15 of the 5G standard. The device offers high bandwidths of up to 1000 Mbps for the downlink and up to 500 Mbps for the uplink – providing high data rates for data-intensive applications such as the remote implementation of firmware updates. Thanks to IPv6 support, the devices can also be implemented in modern communication networks.
Various security functions are included to monitor data traffic and protect against unauthorised access: for example, an integrated firewall and authentication of communication devices and encryption of data transmission via VPN. If there is no available 5G network, the device switches automatically to 4G or 3G networks. The first release version of the router has an EU radio license; other versions with different licenses are in preparation. With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and autoconfiguration of the devices,” Siemens said.
Preparing for a 5G-oriented Future
Siemens has announced that the new router can also be integrated into private 5G networks. This means that the Scalance MUM856-1 is, essentially, future-proofed when it comes to 5G adaptability; it supports future-oriented applications, including ‘mobile robots in manufacturing, autonomous vehicles in logistics or augmented reality applications for service technicians.’
And, for use on sites where conditions are a little harsher, Siemens has given the router robust IP65 housing ─ it’s “dust tight”, waterproof, and immersion-proofed.
The first release version of the router has an EU radio license; other versions with different licenses are in preparation. “With the Sinema Remote Connect management platform for VPN connections, users can access remote plants or machines easily and securely – even if they are integrated in other networks. The software also offers easy management and auto-configuration of the devices,” Siemens added.