Three ways KVM technology improves cybersecurity for industrial control rooms
Look online and you will find an abundance of information on the “control room of the future.” The problem is that the future is now. As Industry 4.0 becomes more prevalent, IT and OT systems need to evolve and adapt to support the needs of modern industrial organizations.
One of these needs is the remote operation of the computers housed in control rooms. KVM (keyboard, video and mouse) solutions deliver this functionality by separating workers from their machines. Workers use KVM technology to remotely operate multiple systems located in access-secured server rooms. They do this without increasing latency, and in real-time.
With the rise of network-connected control rooms, KVM technology also addresses one of the most common issues facing industrial companies today—cybersecurity. Here are the key benefits of using KVM technology to improve your control-room cybersecurity posture...
1. KVM systems only access computer interfaces, not transmitted data
One of the core strategies for protecting access to networks, systems and data is to remove the computer from the desk. With KVM, workers access only a computer’s interface.
KVM technology enables organizations to separate critical internal applications in the data flow from external applications (web browsers and external video conferencing, for example). They can use network-separation to keep separate the critical processes on their internal networks and everything that is connected to the outside world.
Another advantage of KVM is that it eliminates one of the most common threat vectors—USB drives. Internal cyberattacks involving individuals often begin with a worker plugging a compromised USB drive into a computer. Whether the intent is malicious or innocent, the resulting damage is the same. KVM eliminates this vulnerability by separating workers from computers.
2. Several systems are accessible simultaneously but without a data connection between systems
KVM allows workers to access several systems at a time, but without a data connection between the systems. KVM enables separate computers connected to different networks to be operated from a single user interface. Users switch between computer sources with one console with many screens, all with just a single keyboard and mouse. But the systems remain separated in terms of data transmission.
With KVM, each workplace connects to multiple computer sources at the same time, which operators monitor and operate, but without compromising security. KVM ensures the right system availability at the right time.
3. KVM allows companies to separate networks
Securing IT and OT networks against cyberattacks requires network separation. Organizations must separate critical internal applications from external applications to minimize the risk of cyberattacks.
KVM improves network separation by enabling organizations to classify networks. They classify networks where mission-critical processes run as distinct from external networks that enable access to the internet. Network classification allows for network separation. KVM systems provide the basis for separating network access to prevent cyber-vulnerabilities.
bp Refinery Rotterdam improves security by deploying KVM Matrix solution
The bp Refinery Rotterdam is one of the largest refineries in Western Europe, processing 400,000 barrels of crude oil daily. The company had an urgent need to consolidate several PCs. Users in the security lodge of the production plant operated several PCs that used both single and dual video sources. Users at the main entrance operated PCs that used dual screens. Some management and support work positions were integrated. The company required a solution that let users select any system on any screen and switch quickly between single and dual video sources.
G&D North America developed a unique KVM Matrix solution for all three security lodges that provide secure access to the facility and the main building. Ten workplaces were connected to the KVM Matrix solutions, with each desk having two screens where a selection can be made between single video and dual video sources. The installation involved minimum downtime and zero interruptions to operations.
The users find the G&D solution easy to operate and are more productive now that they can easily and securely select any system on any of the screens and switch quickly between single and dual video sources.
Conclusion
KVM systems build the backbone of IT-supported and OT-supported processes in organizations. Modern KVM systems are not just a way to improve efficiency and flexibility in an operation—they provide an additional layer of protection against cyberattacks.
By Don Hosmer, VP sales Americas & general manager with G&D North America Inc.