Editor's Note: This article was contributed by Julia Santogatta, Belden's director responsible for the wireless initiatives, with expertise from Daniel Wade, Chief Architect-Wireless Products and Jeffrey Caldwell, Chief Architect-Security.
What is the No. 1 concern when it comes to wireless solutions in the industrial world? While the answer might be debatable, if you’ve read some of my other blogs you know I feel passionately that it often comes down to one of two things – is it reliable enough and can I secure it?
At our recent Industrial Ethernet Infrastructure Design Seminar, Jeff Caldwell, chief architect for security at Belden, posed this question to the audience – is wireless more secure or less secure than a wired network? Crazy question, right?
But when you start thinking about it and boiling it down to the basics, maybe he has something here. Consider this:
- Passwords generally aren’t needed to plug a wired PC into a router and access a network, but they are required to connect to a wireless network. You can lay down a hub, use Wireshark or the like and see all of your data streams.
- Not the case with wireless, even if you’ve only set up the most basic and common place security, which 95% of the population does.
Thus while saying wireless is more secure than wired networking may be hard to grasp, comparing the reality of the two options can be helpful.
I know. You’re probably thinking to yourself, “I still worry. I hear about so many attacks these days.”
Well, today I’d like to introduce you to the 7 key questions to ask yourself when planning your WLAN. Shared medium or not, wireless can be secure. So let’s combine these questions with the “Golden Rule of Industrial Wireless Security” and calm your fears a bit.
While you may fear that industrial wireless is insecure, today’s reality is different. By turning on the security features available in current equipment offerings and following our Wireless Golden Rule, it is possible to secure wireless applications.
The Golden Rule of Industrial Wireless Security: Deploy Securely, Monitor Regularly
How do you deploy securely? We’ll get into that in a second, but let’s briefly talk about the importance of monitoring regularly.
You can have the best security strategy in the world – wired or wireless – but things change. Researchers continually identify new threats, automation equipment vulnerabilities are frequently revealed and unintential cyber security incidents happen regularly.
Therefore, an important part of your security strategy must be setting up systems to monitor your network, automatically alerting for unusual activity. In addition, establishing a process for regularly updating the system, software and plan is critical.
Now onto the other stuff – how can wireless systems be deployed securely?
While you need to consider several different aspects, it doesn’t have to be overwhelming. If you want to ensure you’ve covered all of your bases, ask yourself these seven questions:
- Have I protected the network devices?
- Have I set up protection for my network from misconfigured devices and from bad behavior?
- Are the authenticated, legitimate wireless users or devices safeguarded from other users or equipment?
- If using a WLAN controller, have I protected the network between the access point and controller?
- Have I set myself up to recognize Denial of Service (DoS) potentials, air interference, or when other “bad stuff” might be happening?
- Do I have legacy devices? Have I handled them properly so I don’t open up accidental vulnerabilities?
- Are there physical considerations around the wireless devices themselves or the wireless coverage areas I need to address?
If you’re not sure how to address some of these questions, let me give you a hint. Today’s industrial wireless equipment has numerous security features built-in. It’s often just a question of making sure you use them!
If you are looking for details, stay tuned. I’ll address strategies for each of the questions, expand on the Golden Rule, and discuss what security features to make sure are included (and turned on!) in wireless devices in Part 2 of this article.
What are your concerns about wireless security? I look forward to your comments and exchanging ideas with you.
- Blog: 7 Key Questions for Industrial Wireless Security, Part 2 of
- Webpage: Wireless products
- Blog: Oil Refinery uses Industrial Wireless for Remote Monitoring
- Blog: New PRP Redundancy Extends Industrial Wireless Applications – Part 1 of 2