Secure configuration management

Authentication and tracing logs

Misconfiguration is a common issue in network Cyber Security events. They may be caused by intentional or unintentional operator changes, or sometimes by attacks from external networking.

According to ISA62443 specification, any networking component that can be configured dynamically should follow the below principles:

1. User identification and authentication: The component should enforce identification and authentication on the interfaces that provide human user access, with every user having a different account and privileges. The top administrator alone can change the settings, while operation engineers can only observe device configurations.

2. Non-repudiation for user actions: The component should be able to determine if an action was performed by a human user, and the action should be logged in a human-readable report containing the timestamp, user account, and details of the event. 

3. Configuration integrity checking:  If the component supports configuration files, it should also be able to check file integrity to avoid damage by corrupted files. 

Authentication should include two-step verification, with a physical component kept by the top administrator as well as a general virtual account password. Both the physical key and the virtual account password for the device are required in order to access configuration mode and change settings.

In addition, if the device is on the border of a secure network, setting changes should only be available from the secure network site to avoid attacks from the exposed interface.

Usually, configurations are not changed once a secure component is put into field operation. If a change is unavoidable, however, it should be executed through the most secure means and properly recorded. These records may not be deleted.

Our solutions utilize two-factor authentication, and configurations are allowed only from the secure site to ensure that there is no risk of configuration changes from the outside. Any changes are logged and can also be synchronized to redundant devices. For more detail, contact us.

Ready to change? Talk to us about your plan

Our team will be happy to answer any of your queries

CONTACT US

Your best partner for
OT Cyber Security

If you have any questions regarding our
products, services, or the website,
please let us know by completing and
sending us a form.

By submitting this form, you agree to our
Privacy Policy.

CONTACT US

Your best partner for
OT Cyber Security

If you have any questions regarding our products, services, or the website, please let us know by completing and sending us a form.

Your Security is Our Duty

Contact Info

Phone: +886-3-5501898
Address: No. 146, Sec. 1, Dongxing Rd., Zhubei City, Hsinchu County , Taiwan (R.O.C.)
Email:  sales@blackbear.tw

CONTACT

BlackBear(Taiwan) Industrial Networking Security Ltd. © Copyright 2021

Scroll to Top