Provider capabilities

Provider capabilities TÜViT

| Name | Description |
| --- | --- |
| Reliable updates | Capability of security updates that do not impact the availability of the protected system through compatibility checks performed prior to database / component and process control system software / configuration updates. |
| Network communications control | Control of users and devices in access to the network, allowing monitoring of their actions and gathering of detailed information on their communications. Establishing VPNs or other control mechanisms, such as bandwidth limitation. |
| Compliance | Centralized management of regulatory and legal requirements. Identification of the responsibilities and those responsible for monitoring and complying with the applicable regulations and laws in force. Definition of functions and competencies and documentary requirements. Definition of necessary committees. Identification and establishment of owners and custodians. Background check and definition of the required job position. |
| Secure network design | Provide specifications for secure network design, segmentation, addressing, and communication protocols. |
| Centralized management of security policies | The ability to set different protection settings for different nodes and groups. |
| Risk and Vulnerability Management | Management of technological and operational risk, analysis of the impact of business processes or operation. Analysis and management of vulnerabilities, historical monitoring of vulnerabilities. Identification and planning of necessary resources, processes and responsibilities. Definition of risk approach and methodology. Management of the review by management. |
| Industrial network event log (forensic analysis) | Forensic tools: secure monitoring and logging of industrial network events. |
| Physical security in the installation of devices | Provide technical recommendations in the places where the devices are going to be installed in terms of temperature, humidity, electromagnetic interference (EMI), radiation, vibrations, gases and any other agent that may affect their correct concurrent operation and message notification capacity in authentication. |
| Redundancy system | Redundancy capacity of energy, communications, storage and services necessary for the operation. |
| Incident response support | Health support management for events during incident response. Additional fields to complete with information about the event. |
| Network communication visualization | Communication monitoring system of network devices, identifying industrial protocols used, bandwidth use and end points on a network map with the ability to categorize by Purdue levels. |
| Cybersecurity assessment | Provide minimally invasive industrial cybersecurity assessment. First step in establishing security requirements within the context of operational needs, this can also provide meaningful information on security levels, even less deployment of protection technologies. |
| Data Protection | Information encryption capacity at rest and in transit. Destruction of obsolete information. Protection of the backup and data recovery process. Information classification. Prevention of data leaks in an active way and without losing productivity. Inspection of multiple types of files and protocols regardless of whether the information is transmitted encrypted or not. Both visible and invisible mechanisms so that in case of information leakage, the person responsible can be identified. Authorization control for the use of external devices or file transfer repositories in the cloud. |
| Network integrity control | Network integrity control that detects new / unknown devices and monitors communications between known / unknown devices. |
| Access control policy | User and group policy that will define access for each type of information established and assignment of permissions by profiles and groups. |
| Detection of use of default passwords | Default password detection when connecting to devices. You can track the use of default passwords to access or connect to certain types of devices. |
| Device control | Ability to control devices automatically (CD, DVD, USB, etc.). Allow blocking or adjusting filters and extended permissions, as well as setting the permissions of a local / remote user to access the given device's hardware and software installed on it. |
| Equipment use control | Control of equipment use (laptops, mobile devices, ...) to restrict access to information through encryption and blocking of malware and malicious traffic. |
| Multi-factor user access control | User access control based on robust PKI authentication mechanisms (access token or biometrics). |
| Security log | Log that allows you to view the events that have been recorded by the application components and that indicate that a protected computer may be compromised. |
| Advanced antimalware | Advanced antimalware (signature-based, proactive, anti-cryptor). |
| Certification of the main ICS providers | Verification of cybersecurity functionalities or capabilities indicated by ICS providers. |
| Single Sign On | Solution that allows users to have access to multiple applications by logging in with only one account to the different systems and resources. |
| Backup system | Backup and restore system to implement backup policy. |
| Equipment protection diagnostics | Monitor the protection status of a computer, receive information on the status of applications and the ability to manage data log diagnostics. |
| Verify PLC integrity | PLC integrity check. |