Finding the Balance Between IT and OT Systems

Priority Networks Inc weighs in on information technology and operational technology systems, and the appropriate actions to balance them.

(Source: Cabling Installation & Maintenance, ICT design focus: Balancing the mix of IT and OT, written by Andrew Froehlich, November 10, 2021).

In order to understand the balance between Information Technology (IT) and Operational Technology (OT) systems, it is essential to know their differences. IT systems are used for business computations and information storage with a data-centric approach. On the other hand, OT systems are responsible for monitoring events, devices, and processes for running various business operations.

In today’s world, robust IT systems are essential to automate and streamline business operations, which can improve productivity. They help eliminate human error and analyze data collected from various business processes. Similarly, OT is critical for businesses and society for the efficient operations of critical infrastructure and core business processes. For example, OT helps ensure smart buildings’ safety and security. Therefore, no matter how successful a business is, it will have issues if it doesn’t have capable IT and OT systems.

At Priority Networks Inc, we understand that the balance between the IT and OT systems is about converging the two approaches into a single environment where both capabilities are optimally utilized. Recently, I came across an article highlighting the challenges inherent in effectively integrating IT and OT systems in smart building designs. As an IT services company, we were inspired by the recommendations for combining IT and OT systems within a single network architecture.

Separating the Flow of Network Traffic Using Access Control Systems and SSIDs

The suggestion to maintain the same physical network for both IT and OT equipment while using separate SSIDs for Wi-Fi was very insightful. Apart from optimizing resources and cost, this method effectively separates the traffic between the IT and the OT systems, so that one system stays secure even if the other is compromised. The IT support teams at smart building solution providers can adopt a similar approach. As recommended by the article, network firewalls and routers configured with access controls are also helpful ways to separate the traffic between IT and OT components.

Maintaining Granular Remote Access Controls for IT and OT Devices

As a provider of IT services, we at Priority Networks Inc agree with the article’s premise that it is imperative to maintain the security of the systems from any external threats and risks. As discussed in the article, it is a common challenge to share access to critical technology infrastructure in smart buildings because of the unreliability of network connectivity. Although VPNs can help in such cases, the way they are configured makes the network prone to attacks by malicious actors. Thus, denying access to the smart building network for most components other than the handful of core IT and OT devices is a good practice.
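The two practices above, separating IT and OT traffic and denying access to all but a handful of core devices, can be checked against recorded traffic. The following is an added example, not code from the article or from Priority Networks; the subnets, host addresses, allow-list entries and flow records are constructed, and it assumes each SSID maps to its own subnet with a firewall or access-controlled router between them.

```python
import ipaddress

# Assumed addressing plan (hypothetical): each SSID/VLAN maps to its own subnet.
SEGMENTS = {
    "IT": ipaddress.ip_network("10.10.0.0/16"),
    "OT": ipaddress.ip_network("10.20.0.0/16"),
    "REMOTE": ipaddress.ip_network("10.99.0.0/24"),  # VPN client pool
}

# Default deny between segments; only these (src segment, dst host, dst port) pass.
ALLOW = {
    ("IT", "10.20.0.10", 443),      # IT dashboards -> building management server
    ("REMOTE", "10.20.0.10", 443),  # remote support -> the same core OT device
    ("REMOTE", "10.10.0.5", 22),    # remote admin -> IT jump host
}

def segment_of(addr):
    ip = ipaddress.ip_address(addr)
    return next((n for n, net in SEGMENTS.items() if ip in net), "UNKNOWN")

def evaluate(src, dst, port):
    s, d = segment_of(src), segment_of(dst)
    if "UNKNOWN" in (s, d):
        return "deny", "address outside the known segments"
    if s == d:
        # Assumption: traffic inside one segment is not filtered here.
        return "allow", f"intra-{s}"
    if (s, dst, port) in ALLOW:
        return "allow", f"allow-listed {s}->{d}"
    return "deny", f"{s}->{d} not allow-listed"

def audit(flow_lines):
    findings = []
    for line in flow_lines:
        src, dst, port = line.split()
        verdict, reason = evaluate(src, dst, int(port))
        if verdict == "deny":
            findings.append((src, dst, int(port), reason))
    return findings

# Constructed sample flow records in the form "src dst dport".
SAMPLE_FLOWS = [
    "10.10.3.7 10.10.0.5 22",
    "10.10.3.7 10.20.0.10 443",
    "10.10.3.7 10.20.4.21 502",   # IT laptop -> OT controller (Modbus/TCP)
    "10.99.0.8 10.20.4.21 502",   # remote user -> non-core OT device
    "10.20.4.21 10.10.3.7 445",   # OT -> IT, which should never be needed
    "192.0.2.50 10.20.0.10 443",  # source outside every known segment
]
```

Running `audit(SAMPLE_FLOWS)` returns the four flows that cross a segment boundary without an allow-list entry; each one points to either a missing firewall rule or a device that should not be reachable.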

Adopting Modern Cybersecurity Technologies to Safeguard Both IT and OT Systems

While some OT systems are modern and complex, most OT devices in use are expected to be decades old. Thus, a significant challenge associated with the convergence of IT and OT systems, especially traditional OT systems, is that it creates cybersecurity risks, which the article rightly highlights. Such systems may never have been intended to be connected to an organization’s IT infrastructure. They may have been assumed to operate in isolated environments and so not to require protection from cybersecurity threats.

Connecting such legacy systems to the smart building IT infrastructure could leave the entire network vulnerable, as attackers now have a direct communication path to access devices. Thus, organizations looking to converge their IT/OT infrastructure must prioritize cybersecurity. In this regard, modern artificial intelligence (AI)-based IT solutions offer end-to-end visibility of a business’s IT infrastructure. These AI-based IT support systems reduce the dependency on manual efforts to identify the root cause of any security incident. Based on this visibility, a company can take suitable pre-emptive actions to ensure that the security of the network infrastructure is upheld.

OT is Behind IT in Cybersecurity, and Businesses Must Find Their Solutions

Threat actors use sophisticated techniques against critical infrastructure and industrial assets to access OT systems and disrupt operations and production. They also use poorly secured OT systems to access enterprise IT networks. These attacks exploit the siloed dynamic between OT and IT systems and security. They cost their victims lost production, interrupted workflows, lost revenue, and ransomware payouts.

In the past, IT security prioritized system security, data confidentiality, process integrity, and infrastructure availability, whereas OT security focused on protecting operational safety, productivity, and reliability. Now, however, OT systems, control systems, and physical industrial processes are becoming increasingly complex in their purposes and capabilities. As a result, IT systems and security tools are being leveraged to manage and secure OT networks.

However, as highlighted in the article, we at Priority Networks Inc believe that current IT support solution providers lack the expertise to handle OT system security. In addition, there is a lack of data security experts and OT vendors in the market. Thus, businesses must put extra effort into maintaining the security of their OT systems. This way, they can balance their organization’s infrastructural requirements and IT and OT systems.

Businesses need to invest in both IT and OT because they can help increase productivity and ensure efficient operations. This ensures that companies stay competitive in their industry and can meet the needs of both their customers and employees. However, it is also critical that companies establish a proper and secure framework for handling these systems. As an IT services provider, we at Priority Networks Inc firmly believe businesses can effectively secure their assets and network without much expenditure by adopting some of the methods discussed in the article.

Massimo DeRocchis

My life has been surrounded by computers since I was a child, from my first job as a Computer Assembly Assistant to the current ownership of Priority Networks, a dental-focused networking company. Starting with an Apple computer connecting to other networks when I was only 13 years old, I quickly knew this passion would lead to bigger ventures. As the internet started to evolve, I immediately worked for an Internet Service Provider (ISP). This gave me insight into the power of worldwide internet communications and the capabilities of sharing data across multiple networks simultaneously. The dedication towards this field has given me the advantage of understanding new technologies and grasping complicated issues quickly, from software, hardware, networking, security, management and much more. As a Computer Network Manager for Tesma International, a division of Magna International, I gained the experience of becoming a qualified NAI Network Sniffer, EDI Communications Specialist, Head Securities Manager, MRP Manufacturing Integration Manager, and received several enhanced managerial and technological training courses. Moving forward to today, I apply all my knowledge, training and years of solid network experience to deliver the very best support to all my customers at Priority Networks.