Configuration ports on critical and non-critical cyber assets are important but often overlooked in the overall cyber security strategy. Virtually all electronic devices with communication capability have configuration ports, and these ports present an extremely high set of privileges that can be used to change almost anything on the target device. Failing to secure these ports results in a significant security risk.
Unfortunately, configuration port security is a commonly misunderstood area of cyber security. Security guidelines often provide broad statements such as “all ports should be either secured or disabled,” which obviously includes configuration ports. However, configuration ports should not be disabled as they are the default emergency access point for every IT device. Instead, they must be effectively secured.
To help businesses understand the importance and relevance of configuration ports to cyber security, TDi Technologies has produced a whitepaper on “Closing the Security Gaps” involving configuration port security. This whitepaper is intended to provide useful and educational content that can assist companies in maintaining a secure and reliable IT infrastructure.
This free whitepaper is available for download at the following location: Closing the Security Gaps: Securing Configuration Ports.
In my previous articles, From the Control to the Substation to the Pole and Remote Access Management – A Comprehensive Security Solution, I covered the first two solution briefs which correspond to the three NERC-CIP Whitepapers released by TDi Technologies.
The third NERC-CIP whitepaper covered the relevance of configuration ports to utility cyber security. This whitepaper is available at the following link: Whitepaper NERC-CIP-007-5
The topic of configuration port security is further explored in the Configuration Port Security Solution Brief, which provides general information to Utility providers on the Consoleworks solution for securing and managing configuration ports. This solution brief is available at the following link: Solution Brief: Configuration Port Security
CIP-007-5 requires that all ports, including configuration ports, be either secured or disabled. ConsoleWorks provides a means to secure these ports, helping Utility providers meet NERC-CIP requirements and pass NERC-CIP audits. This solution also helps Utility providers improve the efficiency of day-to-day operations.
You may remember from my previous post about the three NERC-CIP Whitepapers that TDi Technologies recently released, which addressed the requirements in the current version 5 draft of NERC-CIP standards. The first whitepaper discussed the importance of baseline configuration as a critical security management control. This whitepaper is available at the following link: Whitepaper NERC-CIP-010-5 R1 R2
As a follow-up to this whitepaper, TDi Technologies more recently released the Baseline Configuration Management Solution Brief, which provides general information on the capabilities in ConsoleWorks for addressing Baseline Configuration Management. This solution brief is available at the following link: Solution Brief: Baseline Configuration Management
The ConsoleWorks Baseline Configuration Management Solution is designed to provide visibility and control over the configuration management practice. Without automation, configuration management is a costly operations activity that is difficult to manage and prone to mistakes that can leave the Utility provider vulnerable to cyber attack.
This solution offers Utility providers a unified solution for automating baseline configuration management of all cyber assets from the Control Room to the Substation to the Pole.