Why cyber security? There are several definitions for cyber security, like Cyber security is the state in which the risks associated with the use of information technology are reduced to a tolerable level. Risks arise from threats and weaknesses to systems and products. Information security is… Read More
360° security – the holistic approach Comprehensive and sufficient security is not achieved by implementing only (one) technical measures in the system. An adequate security concept must include the technology used, defined processes, and the people involved, i.e., it must specify both technological and organizational measures. Security… Read More
Protection of project data on the hard disk and during transfer Engineering and parameterization tools (e.g. PLCnext Engineer) often store plain, i.e., unencrypted project data on the harddisk of your computer. The data is therefore unprotected against tampering and theft. Use a suitable encryption method: to… Read More
NAT and port forwarding General information Network Address Translation (NAT) separates internal (private) and external (public) network areas. A NAT device (which is usually located at the network or zone border) exchanges public and private IP addresses. This way, all internal network addresses are hidden behind the… Read More
Network segmentation It is difficult to determine the protection needs of an entire plant and to implement protective measures on this basis. If an office network, factory network and, for example, production line networks are directly connected to each other, malfunctions and viruses can be spread directly over all… Read More
Restricted mobile access: protecting a WLAN by password Unauthorized smart devices must not be able to connect themselves via the WLAN interface. For that reason, your strict password rules should also apply to all wireless access points in your ICS. WLAN components from Phoenix Contact enable automated… Read More
TLS / HTTP(S) To secure the transmission of data between network devices used to build automation infrastructures and systems (such as controllers), or between an engineering software and devices which you configure and commission via this software, you should use security-capable transmission wherever they are supported. Such protocols… Read More
Technical and organizational security measures To achieve security, a holistic approach is necessary: An adequate security concept must include the technology used, defined processes, and the people involved, i.e., it must specify both technological and organizational measures. Many but not all threats can be defended against with… Read More
