Industrial cybersecurity company Xage announced the release of its Zero Trust Remote Access technology that secures remote access for operational technology (OT) environments by using cloud to ease and accelerate the deployment of critical features.
With its product, Xage will provide users with access controlled at granular level – device by device, user by user, data stream by data stream, and application by application. The Palo Alto, California-based company enables users to employ identities that secure the environment, while providing authorization solely to a limited set of defined interactions. With its cloud-delivered remote access capability, Xage is maximizing the reach of zero trust OT security, which is turning into a critical element as the operational reliability is often found to be compromised.
For the next two months, Xage is granting any valid organization that signs up six months free use of the baseline Zero Trust Remote Access offering, in order to boost adoption, accelerate its impact and help address urgent OT cybersecurity challenges.
“Modern operations require remote access for workers, apps and physical assets, yet providing access securely has proven incredibly challenging, particularly in OT environments,” said Duncan Greatwood, Xage’s CEO. “Traditionally, enabling access forces operators to manage disparate, dated technologies like VPNs, jump boxes and firewalls—a cumbersome and vulnerable process. Even then, the threat landscape has changed so dramatically in recent years that attackers are now bypassing these traditional protections.”
Users get access to centralized administration, configuration and access delivered via the cloud, from a service that includes multi-factor authentication (MFA). It does not require VPNs or jump boxes, while securely terminating vulnerable protocols such as RDP and VNC before they reach the outside world. RDP (Remote Desktop Protocol) is a protocol built by Microsoft that allows users to graphically control a remote computer, while VNC (Virtual Network Computing) is an open platform independent graphical desktop sharing system designed to remotely control another computer.
The Zero Trust Remote Access architecture terminates these exposed direct-access protocols inside the OT environment, by offering a modern and secure HTTPS (Hypertext Transfer Protocol Secure) interface, and unifying access management across multiple systems and zones. Both these protocols are chosen to deliver graphical access to a remote computer, displaying the desktop as well as communicating keystrokes and mouse actions.
As the offering does not require VPN connectivity, it steers clear of instantiation of an internal IP address for external users. It further manages any needed OT engineering-workstation accounts, removing a potential source of OT vulnerability.
With the recent trend of cyberattacks on critical infrastructure getting increasingly complex and disruptive, causing systems to shut down, disrupt operations, or allow attackers to remotely control affected systems, risks associated with industrial operations have assumed heightened importance, as these operations are online and enabling remote work. Remote access has also emerged as critical to operational efficiency and digital transformation.
By plugging the security air gaps in the critical infrastructure, users of Xage’s Zero Trust Remote Access offering are guaranteed expedited deployment that uses cloud sign-up with on-site enforcement, made possible by self-configuring software, designed to get up and run in minutes.
With the steady increase in the number of cyberattacks on critical infrastructure, ranging from ransomware to remote control, primarily aimed at disrupting operations, increased visibility and management has become indispensable.
Cybersecurity company Dragos detected a three times rise in security threats in hyperconnected industrial environments, confirming a rise in publicly known flaws in systems supporting critical infrastructure and industrial operations. It also analyzed 703 vulnerabilities in industrial control systems (ICS) and OT environments in 2020, a jump of 29 percent from the previous year.
Xage had in April last year released its Dynamic Data Security offering, designed to ensure authenticity, integrity and privacy for data shared between different applications, machines, organizations and locations. The offering hardens the data and securely replicates the data wherever it will be consumed.