Authentication is a method used to validate that a device or user is authorized to gain network access and that the source of data is genuine. Authentication is an important aspect of industrial security linked to process availability—and can be more important than the concept of encryption. Devices within a network must be authenticated and industrial-grade wireless networks should support device authentication.
Encryption, or the method used to encode data to prevent unauthorized access to the data, is important to both wired networks and wireless networks. It is important to verify that the level of encryption that a candidate wireless network uses will meet the needs of the security risk level of the industrial ecosystem. Throughout, these networks need to follow cryptographic protocols such as Diffie-Hellman.
Industrial-graded wireless networks make securing wireless deployments easy to implement and maintain.
Network devices must be set to the highest security level by default to protect against man-in-the-middle attacks and spoofing. Also, industrial-grade wireless networks must provide the capability to disable automatic updates along with the ability to update firmware over the air or wire.
Vendors of industrial-grade wireless networks perform analytics, continually learn about security, and share security threat data with regulators and the larger community.
Industrial-grade wireless security must cover the entire lifecycle, from product development through deployment, operation, and retirement.
Industrial-grade wireless networks support the implementation of password change policies. In addition, these networks need to use spectrum monitoring efficiently to gain awareness of normal versus abnormal wireless activity.
It is important for IT professionals to recognize that wireless security practices used in the office may not be available for industrial deployments. The most important message to all users and developers of industrial-grade networks is that security is part and parcel of the definition of mission-critical, and technologies must assure that both cybersecurity controls and cyberattacks do not limit or prevent the capability of the system running with the highest availability factors.