Today, Xage Security announces a new remote access solution powered by a unique zero-trust approach for industrial operations. With new capabilities, Xage is able to deliver identity-based access that is controlled user by user, application by application, and asset by asset across any location. This is the first remote access solution that ensures organizations have complete granular control, keeping systems secure and maximizing their efficiency, while also providing secure remote data sharing.
Remote work is on the rise, which has also increased remote cyberattacks. The FBI reported a 400% increase in reported cyber crimes amid the pandemic, and INTERPOL has reported a significant shift in targeting corporations, governments, and critical infrastructure during this time. With remote access, remote users and applications can effectively interact with assets distributed across operations, enabling both process automation and system optimization. It’s crucial, though, that these interactions between users, applications, and machines be secure.
Providing remote access is a complex issue for modern operations. While many operations do not provide granular access control even internally, the access control challenge only becomes more significant when access extends from internal to external and may involve multiple remote, cooperating parties. Remote applications and users often need to traverse untrusted third-party or segmented networks to reach operational assets. Consequently, asset owners and operators want to grant access only to authorized assets on an asset-by-asset basis, and perhaps for a limited time. Facing a variety of differences in assets and policies, it is common for operators to use different solutions to control access across remote, local, and cloud environments, for users and applications, and for legacy and new devices. In an attempt to limit this complexity, operators often adopt architectures that effectively assume trust for any entity that gains network-segment access, which can render all their assets vulnerable while also making the system difficult to use.
Current isolation and trust-based security approaches are too complex, vulnerable to exploit, and difficult to manage for today’s industrial enterprises and operations. As organizations shift to increasingly remote work, they must protect their systems and optimize how they enforce secure remote access.
The Xage Security Fabric provides a zero-trust identity-based remote access solution for users, applications, and machines, across field, control center, datacenter, and cloud environments. In Xage’s zero-trust access (ZTA) model, no trust is assumed for machines, apps, or users until their identity is authenticated and their access authorized per the security policy. This approach creates a secure environment via identities and credentials, and only grants authorization to a limited set of interactions for the required duration. Beyond securing interactions, Xage also constantly monitors for intrusions through methods like providing recorded sessions. Now, whether users and applications are remote, local, or third party, industrial operators can enforce access control across their organizations, and ensure that their systems are secure.
“In order to build a truly secure solution for remote access, you need to create an environment that assumes zero-trust for users and applications,” said Duncan Greatwood, Xage Security CEO. “By taking a zero-trust approach to remote access across the entire operational stack, Xage has developed the first manageable, scalable, and secure solution for OT environments. Now, rather than addressing remote access as a potential risk to the organization, industrial operators can harness it as a means to enable process automation and workflow optimization – improving the efficiency of the operation as a whole.”
- Zero-trust identity-based remote access: controlled access based on user or application identity to a specific asset (machine or application) or data parameter based on time and location with Single Sign-On (SSO) and Multi-Factor Authentication (MFA), optimized for industrial operations and OT environments and workflows.
- Any asset, any location: Xage’s cloud-hosted or on-premises deployment models enable secure zero-trust remote access to legacy and new assets across OT edge, OT control center, IT data center, and cloud environments. Xage supports multiple protocols including RDP, HTTP(S), SSH, Modbus, and others with secure tunneling, screen recording, and proxy session termination for DMZ environments.
- Secure data transfer: Xage’s remote access solution protects the authenticity, integrity, and privacy of data such as PLC programming files, ML model files, and process data streams. The solution enables data to be moved easily and securely between OT, IT, cloud, and multi-party environments.
“With the proliferation of renewable and distributed energy resources – and the complex customer and vendor remote access requirements that result – the utility sector needs scalable solutions to address multi-party trust and access control challenges in a secure and manageable way,” said John Franzino, CEO of GridSME. “Xage’s Security Fabric efficiently manages identity-based access across disparate cyber systems and networks, with the added benefit of centralized policy management and decentralized enforcement, in case communications are temporarily lost at a remote site. As regulatory requirements such as NERC-CIP evolve, this solution helps utilities comply and stay ahead.”
For more information, read the product brief on the Xage website.