{"id":12714,"date":"2020-02-20T12:12:54","date_gmt":"2020-02-20T11:12:54","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=12714"},"modified":"2020-02-29T17:31:29","modified_gmt":"2020-02-29T16:31:29","slug":"saga-2-3-protection-and-security-maintenance-of-industrial-iss","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/","title":{"rendered":"Saga (2\/3) \u2013 Feedback from the field and good practices for the protection and the security maintenance of industrial ISs"},"content":{"rendered":"<p><em>After having discovered the premises of securing Industrial IS through the mapping of these systems and their partitioning, we will now explain their administration.<\/em><\/p>\n<p>&nbsp;<\/p>\n<h2>Administration \u2013 the nerve center of network architecture<\/h2>\n<p>Good administration of an IS is essential to guaranteeing its availability and security. <strong>When carrying out an IS security program, you must be clear about the objectives you want to achieve.<\/strong> The good practices we observe in the field include:<\/p>\n<ul>\n<li><strong>Creating an administration network isolated from the production network with both central and local scope <\/strong>whose aim is to protect administration flows and avoid integrity losses on flows used to manage sensitive operations;<\/li>\n<li><strong>Protecting the administrative equipment <\/strong>to prevent an attacker from controlling these critical elements directly;<\/li>\n<li><strong>Standardizing, as far as possible, practices and equipment<\/strong> to facilitate the deployment of secure, or even centralized, administration architecture, and to maintain security levels over time. This can be achieved by pooling resources within a central, dedicated team.<\/li>\n<\/ul>\n<p>To note: here, we are discussing only the administration of industrial IS infrastructure. Production PLCs, for example, are administered by the business functions in terms of configuration and will pass through the dedicated configuration and maintenance team, when updates are required.<\/p>\n<p>The first step is to create the structure of the isolated and overarching administration network. This objective can be achieved by putting in place the following measures:<\/p>\n<ul>\n<li>To optimize and pool resources, and especially to assure the DRP<a href=\"#_ftn1\" name=\"_ftnref1\">[1]<\/a>, <strong>the administration network must be constructed around one or more datacenters.<\/strong><\/li>\n<li>In order to reduce the risk of an attack propagating by using an infected site as a springboard, the WAN<a href=\"#_ftn2\" name=\"_ftnref2\">[2]<\/a> network placed between the datacenter and the industrial installations can be configured as a <strong>hub and spoke<a href=\"#_ftn3\" name=\"_ftnref3\">[3]<\/a><\/strong> network, which ensures the separation of each installation.<\/li>\n<li>To guarantee the integrity and confidentiality of administrative flows, these must be isolated within <strong>a specific VRF<a href=\"#_ftn4\" name=\"_ftnref4\">[4]<\/a><\/strong> or <strong>VPN<a href=\"#_ftn5\" name=\"_ftnref5\">[5]<\/a> administration network<\/strong> between the datacenter and each site.\u00a0 Putting in place such a dedicated administration network requires, in particular, the use of telecoms and security equipment, as well as dedicated interfaces on the servers.<\/li>\n<li>For the most important sites, the risk of intrusion via the user LAN<a href=\"#_ftn6\" name=\"_ftnref6\"><strong>[6]<\/strong><\/a> can be reduced by setting up an <strong>administration LAN which is only accessible from the datacenter\u2019s administration LAN. <\/strong>However, such architecture must provide <strong>a resilient solution<\/strong> in the event that the WAN is cut to allow sites to access it directly and also for equipment that simply cannot be maintained remotely.<\/li>\n<li>Companies with multiple sites can also use a <strong>standardized housing<\/strong> that embeds all the security functions required for the site to be interconnected. This facilitates configuration and security maintenance.<\/li>\n<\/ul>\n<figure id=\"post-12721 media-12721\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12721 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4.png\" alt=\"\" width=\"1741\" height=\"567\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4.png 1741w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4-437x142.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4-768x250.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-2-4-1536x500.png 1536w\" sizes=\"auto, (max-width: 1741px) 100vw, 1741px\" \/><\/figure>\n<figure id=\"post-12715 media-12715\" class=\"align-none\"><\/figure>\n<p style=\"text-align: center;\"><em>Diagram showing the interconnection of a site with or without a SCADA<\/em><\/p>\n<p>&nbsp;<\/p>\n<p>The second step consists of connecting the administration tools and equipment to be administered to this network, while protecting it from compromise.<\/p>\n<figure id=\"post-12719 media-12719\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-12719\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-5-1.png\" alt=\"\" width=\"911\" height=\"301\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-5-1.png 911w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-5-1-437x144.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-5-1-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-5-1-768x254.png 768w\" sizes=\"auto, (max-width: 911px) 100vw, 911px\" \/><\/figure>\n<figure id=\"post-12717 media-12717\" class=\"align-none\"><\/figure>\n<p>&nbsp;<\/p>\n<figure id=\"post-12723 media-12723\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12723 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2.png\" alt=\"\" width=\"1763\" height=\"520\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2.png 1763w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2-437x129.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2-71x21.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2-768x227.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-3-2-1536x453.png 1536w\" sizes=\"auto, (max-width: 1763px) 100vw, 1763px\" \/><\/figure>\n<p style=\"text-align: center;\"><em>Diagram showing the interconnection of a standalone site<\/em><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12725 media-12725\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12725 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-6-1.png\" alt=\"\" width=\"910\" height=\"299\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-6-1.png 910w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-6-1-437x144.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-6-1-71x23.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-6-1-768x252.png 768w\" sizes=\"auto, (max-width: 910px) 100vw, 910px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p>There may also <strong>be a variety of reasons to keep part of the IS fully disconnected<\/strong>. A disconnected IS removes the ISS risks, leaving only business risks. Disconnection also lowers the level of exposure and therefore the risk of intrusion. A risk analysis should be carried out to determine how to proceed. The associated infrastructure will need to be modified: moving from simple local administration to dedicated administration \u2013 which can be costly. These various network bricks, then, enable administrators to access the industrial equipment. However, they must also be given access to the necessary tools.<\/p>\n<p>&nbsp;<\/p>\n<h2>Administrator tools: how to meet needs while guaranteeing security<\/h2>\n<p>&nbsp;<\/p>\n<p>Because corporate and industrial ISs are generally managed separately, <strong>they each use their own tools<\/strong> \u2013 although these may be based on identical products.\u00a0 This type of configuration meets several objectives. It:<\/p>\n<ul>\n<li><strong>Assures access control<\/strong> on the administration interfaces, reducing the likelihood of appropriating a means of attack and the fraudulent use of the tools;<\/li>\n<li><strong>Tracks administrator activity<\/strong> to reduce the potential impact of an attack, by providing a means of detection and response, and facilitating investigation following an event.<\/li>\n<\/ul>\n<p>This requires the implementation of an <strong>administration chain.<\/strong><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12727 media-12727\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12727 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2.png\" alt=\"\" width=\"1742\" height=\"494\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2.png 1742w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2-437x124.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2-71x20.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2-768x218.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-4-2-1536x436.png 1536w\" sizes=\"auto, (max-width: 1742px) 100vw, 1742px\" \/><\/figure>\n<p style=\"text-align: center;\"><em>Diagram showing the main functions involved in a chain of administration<\/em><\/p>\n<p>&nbsp;<\/p>\n<p>To centralize access and maintain close control of authorizations, an <strong>administration bastion<\/strong> must be set up. Generic accounts are handled by the bastion and protected in its digital safe. This also ensures the traceability of activity and reduces the risk of theft from generic, privileged accounts. The bastion can also secure administration flows by performing protocol translation (for example, from Telnet<a href=\"#_ftn8\" name=\"_ftnref8\">[8]<\/a> to SSH<a href=\"#_ftn9\" name=\"_ftnref9\">[9]<\/a>).<\/p>\n<p>Equipment, especially telecom equipment, whose security levels are sufficiently mature (including detailed management of rights, traceability, individual accounts, etc.) can be directly administered without passing through a bastion.<\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12729 media-12729\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12729 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-7.png\" alt=\"\" width=\"917\" height=\"341\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-7.png 917w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-7-437x163.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-7-71x26.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-7-768x286.png 768w\" sizes=\"auto, (max-width: 917px) 100vw, 917px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p>The establishment of a dedicated administration workstation, where the tools needed for corporate management will be housed, requires a process to be put in place for their installation. This will ensure the workstation can remain secure and that the list of tools being deployed on the IS can be documented.<\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12731 media-12731\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-12731\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-8.png\" alt=\"\" width=\"917\" height=\"206\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-8.png 917w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-8-437x98.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-8-71x16.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-8-768x173.png 768w\" sizes=\"auto, (max-width: 917px) 100vw, 917px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<h2>Planning for external maintainers<\/h2>\n<p>&nbsp;<\/p>\n<p>Lastly, <strong>it\u2019s essential that access by third-party maintainers is secure<\/strong> in order to limit the risks that arise from improper or unmanaged access, such as infection of the IS after the installation of an unauthorized tool, data loss triggered by a malicious third party, the unavailability of equipment, etc.<\/p>\n<p><strong>An external access point with strong authentication<\/strong> will be needed to confirm the identity of users. Such an access point allows maintainers to access a rebound server which is controlled and hardened by the customer, while also ensuring the traceability of activity. Here, more sophisticated customers deploy solutions that allow the third-party access to the IS for the duration of the intervention only \u2013 and then only once access has been approved internally.<\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12733 media-12733\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12733 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-9.png\" alt=\"\" width=\"919\" height=\"227\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-9.png 919w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-9-437x108.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-9-71x18.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-9-768x190.png 768w\" sizes=\"auto, (max-width: 919px) 100vw, 919px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p>The <strong>configuration and maintenance servers<\/strong> that are dedicated to the site and PLCs must be rigorously monitored to keep them up to date and secure, especially in terms of the tools deployed on them.<\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-12735 media-12735\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-12735 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-10.png\" alt=\"\" width=\"915\" height=\"262\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-10.png 915w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-10-437x125.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-10-71x20.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Image-10-768x220.png 768w\" sizes=\"auto, (max-width: 915px) 100vw, 915px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<p>For more detailed information, note that there is an ANSSI<a href=\"#_ftn11\" name=\"_ftnref11\">[11]<\/a>\u00a0 working group dedicated to the cybersecurity of industrial systems. Its <strong>PIMSEC framework<a href=\"#_ftn12\" name=\"_ftnref12\">[12]<\/a><\/strong>\u00a0 recommends a range of security requirements that can be incorporated into contracts with industrial IS service providers.<\/p>\n<p>&nbsp;<\/p>\n<p>We now have knowledge of our equipment and the solutions to secure and manage it. However, cybersecurity issues evolve over time, so it is essential to guarantee a level of security over time and to deploy adequate means of detection. How can this be done? This will be the topic of our next article!<\/p>\n<p><a href=\"#_ftnref1\" name=\"_ftn1\">[1]<\/a> Disaster Recovery Plan.<\/p>\n<p><a href=\"#_ftnref2\" name=\"_ftn2\">[2]<\/a> WAN i.e. Wide Area Network.<\/p>\n<p><a href=\"#_ftnref3\" name=\"_ftn3\">[3]<\/a> <em>Hub and Spoke<\/em> i.e. A network around the datacenter.<\/p>\n<p><a href=\"#_ftnref4\" name=\"_ftn4\">[4]<\/a> Virtual Routing and Forwarding<\/p>\n<p><a href=\"#_ftnref5\" name=\"_ftn5\">[5]<\/a> VPN i.e. Virtual Private Network.<\/p>\n<p><a href=\"#_ftnref6\" name=\"_ftn6\">[6]<\/a> LAN i.e. Local Area Network.<\/p>\n<p><a href=\"#_ftnref7\" name=\"_ftn7\">[7]<\/a> VLAN i.e. Virtual Local Area Network<\/p>\n<p><a href=\"#_ftnref8\" name=\"_ftn8\">[8]<\/a> Telnet i.e. Terminal Network, Telecommunication Network, or Teletype Network.<\/p>\n<p><a href=\"#_ftnref9\" name=\"_ftn9\">[9]<\/a> SSH i.e. Secure Shell<\/p>\n<p><a href=\"#_ftnref10\" name=\"_ftn10\">[10]<\/a> RDP i.e. Remote Desktop Protocol<\/p>\n<p><a href=\"#_ftnref11\" name=\"_ftn11\">[11]<\/a> ANSSI i.e. The French National Cybersecurity Agency.<\/p>\n<p><a href=\"#_ftnref12\" name=\"_ftn12\">[12]<\/a> PIMSEC i.e. ANSSI\u2019s framework for security requirements for industrial systems integrators and maintenance providers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After having discovered the premises of securing Industrial IS through the mapping of these systems and their partitioning, we will now explain their administration. &nbsp; Administration \u2013 the nerve center of network architecture Good administration of an IS is essential&#8230;<\/p>\n","protected":false},"author":161,"featured_media":12744,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3274],"tags":[2772,3401,3466,2828,3467],"coauthors":[1076,3253],"class_list":["post-12714","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-manufacturing-industry-4-0-en","tag-cybersecurity","tag-industrial-is","tag-industry","tag-information-system","tag-scada-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS<\/title>\n<meta name=\"description\" content=\"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS\" \/>\n<meta property=\"og:description\" content=\"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-20T11:12:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-29T16:31:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1378\" \/>\n\t<meta property=\"og:image:height\" content=\"1378\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ali Fawaz, Benoit Bouffard\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ali Fawaz, Benoit Bouffard\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\"},\"author\":{\"name\":\"Ali Fawaz\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/603e270f2a43f0064352928ef7718f88\"},\"headline\":\"Saga (2\/3) \u2013 Feedback from the field and good practices for the protection and the security maintenance of industrial ISs\",\"datePublished\":\"2020-02-20T11:12:54+00:00\",\"dateModified\":\"2020-02-29T16:31:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\"},\"wordCount\":1200,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg\",\"keywords\":[\"cybersecurity\",\"industrial IS\",\"Industry\",\"information system\",\"SCADA\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Manufacturing &amp; Industry 4.0\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\",\"name\":\"SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg\",\"datePublished\":\"2020-02-20T11:12:54+00:00\",\"dateModified\":\"2020-02-29T16:31:29+00:00\",\"description\":\"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg\",\"width\":1378,\"height\":1378},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Saga (2\/3) \u2013 Feedback from the field and good practices for the protection and the security maintenance of industrial ISs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/603e270f2a43f0064352928ef7718f88\",\"name\":\"Ali Fawaz\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/ali-fawaz\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS","description":"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/","og_locale":"en_US","og_type":"article","og_title":"SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS","og_description":"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/","og_site_name":"RiskInsight","article_published_time":"2020-02-20T11:12:54+00:00","article_modified_time":"2020-02-29T16:31:29+00:00","og_image":[{"width":1378,"height":1378,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"Ali Fawaz, Benoit Bouffard","twitter_misc":{"Written by":"Ali Fawaz, Benoit Bouffard","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/"},"author":{"name":"Ali Fawaz","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/603e270f2a43f0064352928ef7718f88"},"headline":"Saga (2\/3) \u2013 Feedback from the field and good practices for the protection and the security maintenance of industrial ISs","datePublished":"2020-02-20T11:12:54+00:00","dateModified":"2020-02-29T16:31:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/"},"wordCount":1200,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg","keywords":["cybersecurity","industrial IS","Industry","information system","SCADA"],"articleSection":["Cybersecurity &amp; Digital Trust","Manufacturing &amp; Industry 4.0"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/","name":"SAGA (2\/3) \u2013 Protection and Security Maintenance of Industrial IS","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg","datePublished":"2020-02-20T11:12:54+00:00","dateModified":"2020-02-29T16:31:29+00:00","description":"After having discovered the premises of securing Industrial IS through their mapping and their partitioning, we will now explain their administration.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2020\/02\/Fotolia_51465744_Subscription_Monthly_M.jpg","width":1378,"height":1378},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2020\/02\/saga-2-3-protection-and-security-maintenance-of-industrial-iss\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Saga (2\/3) \u2013 Feedback from the field and good practices for the protection and the security maintenance of industrial ISs"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/603e270f2a43f0064352928ef7718f88","name":"Ali Fawaz","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/ali-fawaz\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/12714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/161"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=12714"}],"version-history":[{"count":4,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/12714\/revisions"}],"predecessor-version":[{"id":12749,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/12714\/revisions\/12749"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/12744"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=12714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=12714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=12714"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=12714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}