Claroty, the cyber-physical systems (CPS) protection company, has officially announced the launch of its new xDome Secure Access solution, which is designed to mitigate the remote access risks currently being faced by mission-critical OT assets. Purpose-built for needs of the OT domain, the solution works by operationalizing the right balance between frictionless access and secure control over third-party interactions with CPS. This, in turn, goes a long distance to enhance productivity, reduce complexities and risk, as well as ensure compliance across first- and third-party users. Furthermore, the solution comes well-equipped with an ability to integrate foundational security principles, such as Identity Governance and Administration (IGA), Privileged Access Management (PAM), and Zero Trust Network Access (ZTNA), something which will contribute sizably towards the establishment of new standards for resilience and operational excellence in the CPS landscape. Talk about the whole value proposition on a slightly deeper level, we begin from the promise of better productivity, a promise where seamless access for both first- and third-party users effectively reduces Mean Time to Repair (MTTR). On top that, the proceedings are also expedited by facilitating quicker issue resolution, operating under low bandwidth conditions, ensuring high system availability, and upholding critical site survivability. Next up, we must get into how the product in question will reduce risk. Packing together a tailored Zero Trust framework, PAM capabilities, and IGA functionality, it will enhance incident management, access controls, and system monitoring, all for the overarching purpose of helping companies manage and govern the entire identity lifecycle, from initiation to retirement, with the utmost precision and security.
“Safe and secure CPS access requires precise access management, identity management, privileged access, and identity governance capabilities – all built for the exacting operational requirements, environmental constraints, and risk tolerances unique to OT environments. Every access to an OT asset is privileged access by definition as they have the potential to impact safety and availability,” said Grant Geyer, chief product officer at Claroty. “Claroty xDome Secure Access not only provides frictionless access to maximize productivity, it also does so with built-in security that is invisible to the operator which is crucial for safeguarding critical infrastructure.”
Alongside risk, the xDome Secure Access solution will look to cut back on complexities. Here, the idea is to leverage a scalable, cloud-managed architecture that offers the flexibility to operate both on-premises and in the cloud. Beyond that, the intention is also to simplify administrative tasks that require constant operational control. This the solution does, like we referred to, by integrating seamlessly with Identity and Access Management (IAM) tools, and by enhancing identity management, and enabling centralized site management and policy creation. Rounding up highlights would be the product’s commitment towards compliance maintenance. In practice, such a commitment will talk to the availability of necessary controls for real-time logging and auditing of user identities, which is crucial when it comes to maintaining comprehensive audit trails and meeting regulatory requirements. It also becomes important in the context of protecting your organization against potential legal and financial penalties.
The development in question delivers a rather interesting follow-up to one research conducted by Claroty. The stated research revealed how nearly 3.7% of all OT assets have an insecure internet connection, with 13% of engineering workstations (EWS) and human-machine interfaces (HMIs) also suffering from an insecure internet connection. In case that’s not enough, the research further discovered that an estimated 36% of insecurely internet-connected EWS and HMIs contain at least one KEV.
“Our research supports the notion that increased remote access translates to an expanding attack surface and greater risk of disruption to critical infrastructure, which can ultimately impact public safety and the availability of vital services,” said Amir Preminger, vice president of research for Claroty’s Team82, the company’s research group.