February 24, 2019
Smart manufacturing starts with data security
The very first step in your vision for #smartmanufacturing should be security.
#smartfactory = connected factory. Therefore security risks pose greater threats in a smart factory than in a traditional facility and will only grow bigger as your smart factory grows to embrace suppliers and customers. Data security must be at the forefront of your smart factory architecture. This is the first step towards your digital transformation blueprint.
You should be able to answer these 5 basic questions at a very broad level about your data before you can even think of any ways of “transformation”.
1. Do you know all sources of data used by your business? You should have a catalog of all data used by your business.
2. Does your data reside on your premises, in the cloud or across both? You should know what data resides where. Are there specific access rules for specific parts of your data?
3. Is your data protected? This should answer questions for your data at rest (data stored) and data in motion (data access). You should have a catalog of all systems/reports/dashboards that use the data.
4. What information are you sharing with partners/suppliers/customers? You need to know who has access to what kind of information, and the frequency and mode of that access.
5. Who are the consumers of the information and what kind of access do they have? This should include all users of your manufacturing ecosystem – including customers, partners and suppliers. Access should be granted only to users that consume the information in a way meaningful to your business.
In addition to answering these #datagovernance questions for your analytics strategy, you should also check for security-awareness on the device side. You want to make sure that each connected device has a credential to access the message broker for IoT connectivity. All communication to and from the message broker must be encrypted (using something like Transport Layer Security (TLS)). Device credentials must be kept safe in order to send data securely to the message broker.
Devices can use X.509 certificates to connect to message brokers using TLS mutual authentication protocols. This eliminates the need to store an access key ID and a secret access key on your device. TLS can be used to ensure the confidentiality of the application protocols – MQTT or HTTP – as needed.
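The two device-side points above (keep the credential safe, and authenticate to the broker with an X.509 certificate over TLS) can be checked in code before a device ever connects. The sketch below is an added example, not code from this post or from any broker vendor; the function names and file paths are hypothetical, and it uses only Python's standard ssl module.

```python
import os
import ssl
import stat
import tempfile


def key_file_problems(path):
    """Return reasons the device private key file is not stored safely."""
    st = os.stat(path)
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("accessible by group or other users")
    return problems


def broker_tls_context(ca_file=None):
    """Client-side context that always authenticates the broker."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # refuse legacy protocol versions
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # trust only the broker's CA
    else:
        ctx.load_default_certs()
    return ctx


def device_tls_context(ca_file, cert_file, key_file):
    """Mutual-TLS context: refuses to load a key that is stored unsafely."""
    problems = key_file_problems(key_file)
    if problems:
        raise PermissionError(f"{key_file}: " + "; ".join(problems))
    ctx = broker_tls_context(ca_file)
    ctx.load_cert_chain(certfile=cert_file, keyfile=key_file)  # device X.509 identity
    return ctx


if __name__ == "__main__":
    # Constructed stand-in for a key file, only to show the permission check.
    with tempfile.NamedTemporaryFile(delete=False) as f:
        demo_key = f.name
    os.chmod(demo_key, 0o644)
    print("0644:", key_file_problems(demo_key))
    os.chmod(demo_key, 0o600)
    print("0600:", key_file_problems(demo_key))
    os.unlink(demo_key)
```

The context returned by device_tls_context can be handed to an MQTT client that accepts an ssl.SSLContext, so the same policy applies whether the application protocol is MQTT or HTTP.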