Honeywell Process Solutions (HPS) has released a solution for industrial sites as they balance productivity and cyber security demands. Honeywell’s Secure Media Exchange (SMX) protects facilities against current and emerging USB-borne threats, without the need for complex procedures or restrictions that impact operations or industrial personnel.
Malware spread through USB devices – used by employees and contractors to patch, update and exchange data with onsite control and computer systems – is a key risk for industrial control systems. It was the second leading threat to these systems in 2016, according to BSI publications, and uncontrolled USBs have taken power plants offline, downed turbine control workstations, and caused raw sewage floods, among other industrial accidents.
“Industrial operators often have hundreds or thousands of employees and dozens of contractors on site every day,” said Eric Knapp, Cyber Security chief engineer, HPS. “Many, if not most, of those rely on USB-removable media to get their jobs done. Plants need solutions that let people work efficiently, but also don’t compromise cyber security and, with it, industrial safety.”
Currently, many plants either ban USBs, which is difficult to enforce and significantly reduces productivity, or rely on traditional IT malware scanning solutions, which are difficult to maintain in an industrial control facility and provide limited protection. These solutions fail to protect process control networks against the latest threats, and offer no means to address targeted or zero-day attacks.
“SMX is a great example of Honeywell’s major investments in new industrial cyber security technologies, products, services, and research which further strengthen our ability to secure and protect industrial assets, operations and people,” said Jeff Zindel, vice president and general manager, Honeywell Industrial Cyber Security. “With the continued increase in cyber threats around the world, Honeywell’s industrial cyber security expertise and innovation are needed more than ever for smart industry, IIoT and critical infrastructure protection.”
Honeywell’s SMX was developed by the company’s cyber security experts based on field experience across global industrial sites and feedback from Honeywell User Group customers. Honeywell has one of the largest industrial cyber security research capabilities in the process industry, including an advanced cyber security lab near Atlanta. Honeywell also partners with cyber security leaders, including Microsoft, Intel Security and Palo Alto Networks, among others, to develop new, highly-effective industrial threat detection techniques.
Honeywell’s SMX provides hassle-free, multi-layered protection for managing USB security, letting users simply plug in and check devices for approved use in the facility. Contractors “check-in” their USB drive by plugging it into an SMX Intelligence Gateway. The ruggedized industrial device analyzes files using a variety of techniques included with Honeywell’s Advanced Threat Intelligence Exchange (ATIX), a secure, hybrid-cloud threat analysis service.
SMX Client Software installed on plant Windows devices provides another layer of protection, controlling which USB devices are allowed to connect, preventing unverified USB removable media drives from being mounted, and stopping unverified files from being accessed. SMX also logs USB device connectivity and file access, providing a valuable audit capability.
“For most plants, the proliferation of removable media and USB devices is unavoidable, but the security risks they bring don’t have to be,” said Knapp. “We know our customers have limited resources to maintain another system, so Honeywell manages SMX for them. SMX never connects to our customers’ process control networks. From a system administration perspective, it’s like it’s not even there.”