Providing Secure Remote Access
to OT Environments

Providing Secure Remote Access
to OT Environments

Safe-T Secure Application
Access Brochure
Download

PROVIDING SECURE REMOTE ACCESS TO OT ENVOIRMENTS

Your Challenge – Many organizations see the great need to establish a stable and well-supported remote-work program that would allow employees to access resources from home in typical times as well as in DR scenarios. Organizations with OT environments have a special concern in this regard due to the critical nature of these systems  and often because of the regulations involved (NERC/FERC/HITRUST, etc.).

There are many ways to technically achieve remote access but they are either very insecure or complex (or both). The reality is that without extremely high levels of internal network segmentation, the typical methodologies such as VPN provide a level of security risk that is just not tolerable. The alternative is to directly expose resources to the Internet, which is also too much of a risk, especially with regards to OT Environments.

THE SAFE-T SOLUTION

With Safe-T’s Secure Application Access, you can provide highly secure access to your OT systems and devices via a Software Defined Perimeter solution without the need to  dismantle your VPN for other, less sensitive access. Using our SDP solution, access is  only  granted to these resources after authorization has been completed. Access to these OT systems can then be disabled on the VPN, ensuring that only fully authorized remote users can even connect to a resource under the Safe-T solution.

As can be seen in in the figure below, the Safe-T Secure Application Access solution is composed of three servers. The solution is deployed in multiple tiers within the organization and cloud:

  • Cloud tier– includes the Authentication Gateway which is deployed on-premises or in a cloud location (Amazon, Azure, etc)
  • DMZ tier– includes the Access Gateway
  • LAN tier – includes the Access Controller which connects to the organization’s backend applications, storages and authentication services (IDP, IAM, etc), and Safe-T Telepath UBA

SDP with VPN architecture

BENEFITS

  • No behavior changes to your non-OT users—continue using your VPN client
  • No need to remove/change existing network and security components
  • Authenticates users before granting access, with almost zero network change
  • Dynamic, on-demand resource access according to user role/permission
  • Takes your users off the network and close firewall ports for enhanced security





Dafna Lipowicz

VP of Human Resources

In her role, Dafna leads all HR activities at Safe-T, including: partnering with management team to advance and support the company vision and strategy, developing strategic HR plans and policies (training, compensation and benefits, etc.), organizational and managers development, recruitment and welfare. Dafna brings to Safe-T more than 17 years of experience in various HR managerial roles, in global and complex organizations as well as in growing start-ups (such as SanDisk, Logic Industries and Mantis Vision), specializing in establishing and leading HR departments, initiating and building organizational development, according to company strategy, management consultant, talent management and recruitment. Dafna holds both an LLB and an MA in Labor Studies from Tel Aviv University. She is also a certified mediator and group facilitator.

Request a Demo