Skip to main content
All BlogsCritical InfrastructureIdentity-Based SecurityIndustrial Cybersecurity

Universal Multi-Factor Authentication for Industrial Operations: A New Solution to Protect All Assets

By July 7, 2020 No Comments

We’re proud to announce a new offering in the Xage Security Suite: universal multi-factor authentication (MFA). For the first time, industrial operators can now protect their assets – even those that are remote, or lacking simple device-level security – with multiple forms of authentication, such as passwords, one time tokens, biometrics, etc. 

A vast majority of industrial operators have layers of new IIoT and legacy control devices and systems. Single authentication (usually a password) is a basic device-level security building block that operators are often behind on, especially for their legacy equipment. Even when machines do have passwords, common practices of credential reusage, repetition, and password weakness are major pitfalls, leaving these organizations open to attack. 

Single factor authentication is not enough to protect these critical operations. In the last two years, digital attacks targeting industrial control systems (ICS), critical infrastructure, and operational technology increased by a whopping 2000%.The healthcare lost an estimated $4B in 2019 due to data breaches and ransomware attacks. Utilities and power grids have been consistently targeted by password-spraying attacks, including a recent series of global credential-theft attacks mounted on suppliers of equipment and software for industrial enterprises. And though cybersecurity risks continue to rise for manufacturers, most still struggle with the costs associated with upgrading and replacing legacy systems.

The heightened need for MFA now

In the last few months, more operational systems have been opened to out-of-office access than ever before. As organizations adopt new processes, many have increased the number of employees and contractors with remote-system-access authorization. This means that operators have even less visibility and control over logins happening from various locations and machines. 

In a recent survey of CIOs, 25% said that they will be focusing their security spend on MFA as a result of the COVID-19 pandemic, with an additional 64% saying they have already increased MFA for their remote working employees. However, industrial operations have historically relied on machines without any password protection, along with others that have only basic lock/unlock features, and lack secure access control. This has always been a source of cyber risk for industrial operators, but in the face of today’s new working environment, this risk is compounded by the need to increase remote access. The risk of successful remote attacks has now increased exponentially, and organizations have no choice but to address it. 

Unified MFA for increasingly remote operations

We are proud to introduce Xage’s unified MFA solution to deliver MFA universally across a variety of industrial assets, regardless of type, connectivity, or location. Xage enables industrial organizations to enforce MFA in every device – even those that previously lacked basic device password protection – in a distributed setting, in a disconnected state. For the first time, industrial organizations can enforce tamperproof MFA for their entire system of new and legacy devices, without creating additional dependencies for the operation.

Xage’s highly resilient authentication and enforcement are delivered at the edge, helping organizations mitigate a vast array of common cyberattacks, such as password spraying attacks, password theft, identity theft attacks, phishing attacks to plant malware on target laptops, and the growing wave of activity exploiting remote access vulnerabilities. Xage also creates tamperproof audit logs that ensure compliance with key industry standards and guidelines that require MFA integration into enterprise and operational environments (e.g. NIST, NERC-CIP, and IEC-62443).

Our MFA offering was built specifically to support OT/IoT use cases, protecting identities and access to a vast array of devices and applications. For more information on Xage’s solution, click here