ICS Access Control to protect DCS/SCADA Computers from Portable Devices:
Devices Access to Industrial Control Systems (ICS) Supervisory & Control Computers needs to be managed, mainly because removable storage and other portable devices may contain malware exploits that could infect the operating system and affect the HMI, shared-database or communication infrastructure and ultimately make the Supervisory System loose Control of the process/machinery being managed causing process upsets and put personnel and/or environment in danger.
Protecting Industrial Control Systems Servers & WorkStations:
Distributed Control Systems (DCS) and Supervisory Control and Data Acquisition (SCADA) Servers/Workstations typically use Windows Operating Systems. They can be found across ICS infrastructure fulfilling different roles such as Engineering Workstations, Operating Stations (HMI), OPC Servers, Historian Servers, SCADA Servers, Maintenance/Service laptops and more.
While IT Device Control software mainly focus on the data-loss prevention aspect of network security and Antivirus Software code-analysis, sandboxing, data-mining, and signature updates continue to increase the load on computer system resources. Protecting ICS DCS/SCADA Servers and Stations from unauthorized Portable Devices requires the use of tools that are light on system resources, and that function decisively to ensure the Integrity and availability of the Process Control Systems.
USB-Lock-RP™© Security Software provides Centralized ICS Access Control, managing portable devices access to a broad range of windows operating-systems from Windows NT5.1 to NT10, Securing DCS or SCADA Systems Servers and Workstations found at Levels 2/3/4 of the ICS. Its Data loss prevention effectiveness is the result of its decisive design to prevent Systems Infection incoming from Removable storage USB, and other Portable devices, including eSATA and Firewire drives, mobile phones, Smart Cards, Compact discs, and Wireless transceivers.
" USB-Lock-RP is licensed and used by top-notch organizations in the Process Control Domain (PCD) to secure DCS/SCADA Supervisory/Control Computers running on Windows Operating Systems as a straightforward tool to complement their ICS cyber defense arsenal. "
USB-Lock-RP, blocking and authorization functions take into account machines and devices hardware identifiers. Not user-account privileges, this allows for effective protection even if computers are running under elevated credentials or administrator user-accounts.
Since Stuxnet it has been clear that antivirus software remains ineffective in stopping Zero-day USB-based exploits, and that USB storage such as flash drives, and other portable devices are a probable entry point for new or known exploits.
Signature-based detection fails in preventing USB-Based Zero-day exploit attacks and more so if the network is air-gapped as updating virus and malware signatures could be further delayed.
Antivirus software attempt to prevent such attacks by code-analysis have limitations, as code-analysis detection puts heavy demand on operating system and hardware resources. Its effectiveness will vary depending on the amount of resources the system has to offer and how much of this resources are realistically available at intrusion attempt time.
More so, code-analysis detection requires accessing the device which even under sandboxing could be dangerous. By complementing antivirus software with USB-Lock-RP, blocked devices don't need to be accessed by antivirus software as they won't be present. (Only authorized devices would).
USB-Lock-RP approach when dealing with removable storage is to deny access by redundant means. Even specifically authorized flash drives or mobile phones need to be replugged after being identified to function. This approach is effective in preventing both system infection, and data loss.
Regarding HID interface: Since version 10.1 USB-Lock-RP detects changes in usb keyboard and mouse enumeration to neutralize maliciously modified firmware BadUSB such as USB Rubber Ducky that impersonate HID keyboards to inflict keystroke injection attacks by sudden release of embedded malicious payloads.
Any change in keyboard/mouse enumeration will trigger an automatic assessment to neutralize the threat if present. This events as any other insertion attempt events at endpoint clients are reported to the Central Control in near real-time.
The Central Control application and Client Service are light on system resources consumption, and have minimum dependencies and component requirements and are even capable of running on embedded OS.
USB-Lock-RP endpoint security software is used extensively to secure DCS/SCADA Windows based Servers and Workstations in: offshore & onshore Oil drilling, pipelines, and production operations, electric grids, chemical plants, water treatment plants and facility-based critical ICS infrastructure in general.
Commitment to ICS DCS/SCADA Networks Protection:
Since 2004 when USB-Lock-RP development started, the Advanced Systems International team is dedicated to licensing and upgrading this software solution and today in 2018 our commitment is stronger than ever to never drop compatibility to legacy (older Windows OS) as many Industrial Networks supervisory computers, are still running on those OS, and to always protect the latest windows operating systems from unauthorized use of ordinary and emerging technology portable devices. USB Lock RP provides straightforward Portable Devices Access Control, to both Operational Technology (OT) ICS DCS/SCADA networks but also IT networks, nevertheless it is also our commitment to remain a machine-level protection tool and not to compromise ICS systems security by favoring user-based protection on future upgrades, as the software primary objective is to Systems integrity and availability being the confidentiality aspect and data loss prevention (DLP) a valuable consequence of its function.
Choosing Security Software to Protect computers against the risks associated with Removable Storage:
If you are looking for locally managed, user-level, or active directory, or GPO based, or internet dependent, or cloud-based network endpoint security you may find other software that will probably better suit your requirements. But if you are looking for SCADA Systems Security for the Centralized protection of supervisory computers network, from unauthorized use of removable-storage, portable devices, cd/dvd, & wireless transmissions (Wi-Fi, Bluetooth, IrDA) you should download and put USB-Lock-RP to the test as we strongly believe you have found what you are looking for. USB-Lock RP Control (administrative console interface) is straightforward, and easy to use; there is virtually no learning curve involved. Download and you will be: protecting, authorizing, and receiving reports of blocked or allowed devices in minutes.