Assignment

Our customer placed demanding requirements on OT cyber security for a production and testing system for medical consumables. The project encompassed more than 20 systems and required robust solutions for the monitoring and control of production networks, secure remote maintenance with audit trails in accordance with FDA CFR 21 Part 11, stable OT communication networks and virtual patches & secure patch management.

Solution

Our security measures for production and testing automation are based on the guidelines of IEC-62443. We implemented important principles such as defence-in-depth, zones & conduits, the principle of least privilege and the principle of least route. By utilising a next-generation firewall and the required OT security licensing, the entirety of production and testing automation was secured and monitored. The central firewall also enabled secure remote maintenance with multi-factor authentication and an audit trail for each subsystem.

Customer benefits

Our solution is scalable, minimises operating risks and ensures the security of the OT environment through tried-and-tested security practices in accordance with IEC-62443. It protects production data, ensures compliance with industrial standards like FDA CFR 21 Part 11 and provides clear guidelines for suppliers and support personnel. This reduces the risk of reputation damage, while asset management of the network components enables effective infrastructure monitoring. Our successful implementation is a testament to our ability to provide complex security solutions in production environments.