Honeywell sMX secures use of USB devices
Houston, TX-based Honeywell Process Solutions (HPS) says its Secure Media Exchange (SMX) protects facilities against current and emerging USB-borne threats, without the need for complex procedures or restrictions that affect operations or industrial personnel.
Malware spread through USB devices – used by employees and contractors to patch, update and exchange data with on-site control and computer systems – is a key risk for industrial control systems. It was the second leading threat to these systems in 2016, according to BSI publications, and uncontrolled USBs have taken power plants off-line, downed turbine control workstations and caused raw sewage floods, among other industrial accidents.
“Industrial operators often have hundreds or thousands of employees and dozens of contractors on site every day,” said Eric Knapp, Cyber Security chief engineer, HPS. “Many, if not most, of those rely on USBremovable media to get their jobs done. Plants need solutions that let people work efficiently, but also don’t compromise cyber security and, with it, industrial safety.”
Currently, many plants either ban USBs, which is difficult to enforce and significantly reduces productivity, or rely on traditional IT malware scanning solutions, which are difficult to maintain in an industrial control facility and provide limited protection. These solutions fail to protect process control networks against the latest threats and offer no means to address targeted or zero-day attacks.
Honeywell’s SMX was developed by the company’s cyber security experts based on field experience across global industrial sites and feedback from Honeywell User Group customers. Honeywell has one of the largest industrial cyber security research capabilities in the process industry, including an advanced cyber security lab near Atlanta. Honeywell also partners with cyber security leaders including Microsoft, Intel Security and Palo Alto Networks, among others, to develop industrial threat detection techniques.
Honeywell’s SMX provides hassle-free, multi-layered protection for managing USB security, letting users simply plug in and check devices for approved use in the facility. Contractors “check-in” their USB drive by plugging it into an SMX Intelligence Gateway. The ruggedized industrial device analyzes files using a variety of techniques included with Honeywell’s Advanced Threat Intelligence Exchange (ATIX), a secure, hybrid-cloud threat analysis service.
SMX Client Software installed on plant Windows devices provides another layer of protection, controlling which USB devices are allowed to connect, preventing unverified USB removable media drives from being mounted, and stopping unverified files from being accessed. SMX also logs USB device connectivity and file access, providing a valuable audit capability.
“For most plants, the proliferation of removable media and USB devices is unavoidable, but the security risks they bring don’t have to be,” said Knapp. “We know our customers have limited resources to maintain another system, so Honeywell manages SMX for them. SMX never connects to our customers’ process control networks. From a system administration perspective, it’s like it’s not even there.”
Managed and maintained directly by Honeywell, SMX provides the easy and secure solution to USB security in industrial plants. It helps to prevent the spread of malware through removable media, stops unverified files being read by Windows hosts and, through the private ATIX connection, provides continually up-dated threat information and advanced analytics to help detect advanced, targeted and zero-day malware.
Honeywell says its industrial cyber security solutions protect the availability, safety and reliability of industrial facilities and help securely deploy Industrial Internet of Things (IIoT) technologies. Honeywell’s complete portfolio includes: cyber security technology solutions such as its Cyber Security Risk Manager, the first solution to proactively monitor, measure and manage industrial cyber security risks; managed industrial cyber security services; professional cyber security field services. The portfolio builds on the company’s industry-leading expertise and experience in process control.