Join the dots: Operational Technology and Informational Technology
One area of information technology that is typically ignored by IT departments and consultants is industrial control systems. This is unfortunate because these “operational technology” systems have much to benefit from interconnection with IT networks.
Operational technology refers to computer systems that are used to manage industrial processes. This could be a manufacturing production line that is used to control product assembly, a process control system that manages a continuous process such as oil refining, or an industrial monitoring system used to manage an electricity grid.
For a long time Operational Technology (OT) has been deployed and managed by operational staff in isolation from information technology (IT) personnel who manage administrative systems such as email, HR or financial management systems. While historically this has been considered good practice, advances in technology mean that there are fewer reasons to maintain this separation and good reasons to consider integration. Now is the time for industrial companies to review their industrial computer systems (ICS) and consider how they could be modified to exploit capabilities on the IT network and leverage their OT assets within the business.
- The need for a separate OT network should be reviewed. With advances in firewall and gateway technology a more secure and less costly infrastructure is probably possible. It is recommended that a risk-management approach to evaluating the divide between 0T and IT be taken and that an appropriate level of integration be adopted.
- With access to IT infrastructure it is possible to exploit advances in access control. Fine-grained, policy based access management is now possible, integrated with corporate provisioning mechanisms.
- Many OT installations use VPN technology for access by remote users which has some vulnerabilities and operational difficulties. The potential for exploiting dynamic authorisation technology should be investigated.
- Mobile devices should also be considered. SCADA displays are ideally suited to tablet technology and authentication options make access from such devices secure.
- The proliferation of IP devices for monitoring and control will have an impact on ICSs. Industrial companies should put in place policy for the management of APIs in order to maintain a secure environment.
- The possible benefits of Cloud technology should be investigated if only for data storage; but other benefits such as Hadoop analysis of SCADA logs could be very beneficial.
Integration of OT and IT within industrial companies has significant advantages. It will allow for 0T deployments to benefit from IT developments and for 0T assets to be leveraged for business purposes. Industrial companies are increasingly making their manufacturing and system monitoring information available in order to improve agility and react to real-time business requirements.
This integration with IT also allows OT deployments to exploit disruptive technology such as the Internet of Things (IoT) by adopting standards-based interfaces and corporate standards for API security and management.