Delivering reliable, secure remote access to cyber-physical systems is a growing priority for enterprises with cyber-physical systems. Whether driven by a rise in remote work, digital transformation initiatives, or improved operational efficiency, the benefits of enabling remote access are far too great to ignore.
As quickly as remote access adoption has grown, so has the risk of disruptive cyberattacks targeting critical operations infrastructure. Maintaining production uptime depends on remote access, mandating solutions that can enable it without compromising security.
The Gartner Innovation Insight: CPS Secure Remote Access Solutions recognizes Xage Security as a Representative Provider.
Let’s go through some of the key findings and get the Xage take on the matter.
Key Findings (and Commentary)
Gartner Key Finding:
“Organizations are increasingly turning to remote access solutions to operate, maintain and update cyber-physical systems (CPS) in their production or mission-critical environments. This is due to safety considerations, contractual obligations and/or cost, competitive and skilled labor pressures.”
Thoughts on the matter from us here at Xage:
Remote access expedites a lot of work and reduces costs, especially in the world of CPS. Nobody wants to pay to fly a technician to an offshore wind farm via helicopter. And, helicopters aside, remote access massively expanded during the pandemic. Pandemic or no, sending someone to an operational site always comes with inherent risks.
Gartner Key Finding:
“Historical VPN and jump-server-based approaches have proven increasingly unsecure and complex to manage. They also often lack the granularity to provide access to a single device, providing access to the entire network instead.”
The Xage take:
We couldn’t agree more and wrote a blog about why jump servers aren’t secure enough. Read it here.
Gartner Recommendation:
“Security and risk management (SRM) leaders seeking to enhance the security of their CPS environments via an effective secure remote access capability should: Work closely with CPS asset custodians (such as production engineers or maintainers) to define policies that balance security best practices such as multifactor authentication (MFA) with operational/production needs.”
The Xage take:
This has always been (and probably always will be) a delicate balancing act. Most CPS/OT exists in an industry where uptime and production reign supreme. While there might always be some push/pull, we think that a solution can help enable controls like MFA without slowing down the process, especially if that solution was designed with OT in mind.
Gartner Recommendation:
“Perform a full inventory of all remote connections across the entire organization, as shadow remote access likely exists throughout operational networks, particularly at field sites.”
The Xage take:
Staff on site have a job to do, and if they’re not provided a simple way to do it, they’re going to build their own workarounds. That can expose an organization to unknown risk, especially where remote access is concerned. It is critical to monitor for shadow IT, but we think it’s equally important to provide a remote access solution upfront that’s secure—and that’s convenient enough that staff will actually use it.
Gartner Recommendation:
“Remove older remote access solutions when deploying newer CPS secure remote access solutions. Organizations commonly deploy new solutions without focusing on what is left behind, and with the number of exploited VPN vulnerabilities growing, this could be a significant blind spot.”
The Xage take:
We’ve dug into this extensively here at Xage: VPNs are not secure.
CPS Remote Access Can Be Simple and Secure
Learn how Xage can enable remote users to easily and securely connect to the assets, applications, and services they need across OT, IT, and cloud environments.
Gartner, Innovation Insight: CPS Secure Remote Access Solutions, By Katell Thielemann, Abhyuday Data, Wam Voster, 18 April 2024.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
