Securing Passwords for OT Networks
Updated: Mar 7
Article Written By: Julius Caten
The topic of passwords is on every login screen, including account creation screens and password reset screens. On a day-to-day basis we think of the passwords we use to read our email or log into our computers.
But, in an Operational Technology (OT) building network there can be tens, hundreds and sometimes thousands of devices that require a password to gain access to the device’s admin screen. There can be many different user logins as well. Take a look at the table below and see how many passwords a building’s OT system and supporting systems may have.
Is there a list of passwords that is too easy to access, or is there a vendor to call to get logged into different building system? What happens if only one technician knows that password and they left that vendor?
Multi-factor authentication is being added to many corporate desktop and laptop user logins. It’s important that building OT systems support multi-factor authentication. What are the day-to-day implications of OT Multi-factor authentication and how can these be managed in the OT environment?
It is vital to have company policies, employee trainings, and audits of the use of strong passwords, shared passwords, password documentation and default passwords. Passwords should not be stored under keyboard, written on whiteboards or other visible places, or stored in text files or smart phones. Password storage tools and saving passwords in a browser should be standardized across the organization with a complimentary policy to ensure that passwords are being properly stored and maintained.
Building staff can be overwhelmed trying to keep track of every password required to manage the devices on an OT network. But, our team at 5Q Cyber can help with this important and overlooked task. Reach out to us at firstname.lastname@example.org or read more at 5qcloud.com/5q-cyber