Sep 18, 2020
By Christopher Revell
Solution Overviews

OT Security in Nuvolo Connected Workplace

Device inventory combined with device monitoring tools and a service management platform brings orchestrated remediation to your OT devices.

 

Operational technology (OT) refers to a wide variety of physical devices, from HVAC and building automation equipment to life-saving medical devices. These devices used to be stand-alone, unconnected to any outside IT networks. That’s no longer true; these devices are connecting to our networks in unprecedented numbers. And, for our security, we need to protect them.

As more non-IT managed devices connect to the network, the risk of cybersecurity events becomes a real challenge for IT and facilities teams. Nuvolo OT Security brings device data into security monitoring tools, so IT, security, and facilities teams share visibility. They know where the device is, what it is, and can act on threats and vulnerabilities immediately.

Three Steps to Nuvolo OT Security

Nuvolo OT Security enhances your existing IT security monitoring platforms by providing OT device inventory data and work order remediation. Here is our three step process:

Step One: A Single Device Inventory

OT Security enables a comprehensive, accurate device inventory that uses a standard data format allowing you to track assets and their locations easily. Knowing the devices in a facility, their locations, model identifiers, firmware, network attributes, and software versions are necessary information needed to secure them from cyber-attacks.

Step Two: Intelligence Hub to Bridge the Gaps

Nuvolo OT Security creates an intelligence hub that integrates the OT inventory data with device discovery and security monitoring tools to bridge the gaps between the security insights provided by these tools. This allows for rapid device identification and correlation of them to vulnerabilities.

Step Three: Orchestrated Remediation

Nuvolo OT Security provides automated remediation workflows that generate rules-based work orders with remediation or patching details and its location in the building. This workflow automatically assigns work orders to an appropriate clinical engineer, information security analyst, or IT resource and tracks the progress of the work order through completion.

Key Workflows:

  • Matching the device IP address and MAC address with the Nuvolo device database to identify the device type, where it’s located, what department owns it, etc.
  • Generating a rules-based work order with remediation or patching details and the device’s location in the building
  • Auto assigning the work order to an appropriate device technician, facilities engineer, information security analyst, or IT resource.
  • Tracking the progress of the work order through to completion.
  • Identifying all other devices on the network with the same vulnerability and automatically generating work orders for pro-active remediation.

Key Capabilities:

  • Accurate Inventory — Track device details and operating system versions while monitoring location and IP address changes.
  • Integration with Real-Time Monitoring Systems — Generate security alerts for issues identified by real-time security monitoring systems like Palo Alto Networks, Cynerio, Asimily, Ordr, CyberMDX, Medigate, and ServiceNow SecOPs.
  • Vulnerable Device Identification and Matching — Quickly identify devices that match entries on vulnerability lists for remediation processing.
  • Automated Remediation Processing — Automate work order dispatching to fix issues identified by monitoring systems or security updates.