IT Remote Access VS. OT Remote Access
An outline and comparison of the key differences between remote access used in an IT environment, and remote access solutions that cater to an industrial OT environment.
Waterfall team
When it comes to Remote Access, pretty much all available solutions deliver a very similar user experience. The user logs in and accesses another computer or device. But when we look a bit deeper, there are some very deep variations that come into consideration, especially when it comes to cybersecurity. The purpose and goals of remote access vary greatly between different uses and the acceptable levels of security.
In one of our previous blog posts, HERA Under the Hood, we covered how HERA works by explaining its technical functions and tasks. Here, we are going to outline how HERA is used and all the ways it differs from common IT Remote Access solutions.
“The purpose and goals of remote access vary greatly between different uses and the acceptable levels of security.”
Environment and Criticality
For IT Remote Access: Typically involves accessing corporate networks, applications, and data. Downtime or breaches can affect business operations, and can be costly, but usually have no impact when it comes to physical safety.
For OT Remote Access: Involves accessing industrial control systems (ICS), SCADA systems, and other critical infrastructure. Downtime or breaches can lead to significant physical and safety risks, including potential harm to people and equipment. There is very little “margin-of-error” as anything that might trigger a shutdown, even as a precaution, will have a very public and far-reaching impact.
Network Architecture
For IT Remote Access: Often involves flat network architectures and usually uses technologies like VPNs and remote desktop protocols (RDP).
For OT Remote Access: Requires segmented and isolated networks to prevent cross-contamination. Utilizes unidirectional gateways, secure remote access appliances, and proprietary protocols purpose-build and designed for OT environments.
Security Focus
For IT Remote Access: Focus is on data security, confidentiality, and integrity. Primarily protecting against data breaches and unauthorized access.
For OT Remote Access: Emphasizes availability, reliability, and safety of physical processes. Protects against disruptions that could impact operational continuity and physical safety.
Update and Patch Management
For IT Remote Access: Regularly scheduled updates and patches are common.
For OT Remote Access: Patching can be more complex and infrequent due to the need for continuous operations and the critical nature of the systems.
Compliance and Standards
For IT Remote Access: Governed by standards such as ISO/IEC 27001, GDPR, and HIPAA.
For OT Remote Access: Governed by standards such as IEC 62443, NERC CIP, and NIST SP 800-82.
Technology and Tools
For IT Remote Access: Uses commercial off-the-shelf (COTS) solutions like VPNs, remote desktop services, and cloud-based remote access tools.
For OT Remote Access: Often requires specialized solutions tailored for industrial environments, such as industrial VPNs, secure remote access hardware appliances and unidirectional security gateways.
While the final result with both OT and IT remote access is a functional way of accessing a workstation remotely, the pathway to each one is of dramatically different considerations, and priorities. The goal of IT cybersecurity is to protect sensitive information from getting OUT, while OT cybersecurity protects sensitive equipment by not allowing anything IN.
When it comes to protecting OT remote access, no one offers the robust protections that HERA delivers. Read more about Hardware Enforced Remote Access (HERA)
About the author
Waterfall team
Share
Trending posts
IT Remote Access VS. OT Remote Access
Webinar: Industry-Specific 62443 Insights for Power Generation
New Resource: Adapting IT Advice for OT | Episode 129
Stay up to date
Subscribe to our blog and receive insights straight to your inbox