Jennifer Faylor from Inductive Automation wrote this blog—Ignition 8.3 Pro Tips: Supercharge System Security—a few weeks ago offering some security tips for users of Ignition. There’s more. Check out the blog for the entire essay.
She begins, “In honor of Cybersecurity Awareness Month, this blog will delve into some of the Ignition 8.3 features that help you better secure your systems.”
The new industrial Secrets Management feature in Ignition 8.3 enables you to store secrets securely and protect them from unauthorized parties — a game-changer if you’re looking to boost SCADA password security. And coming soon in Ignition, you’ll also be able to integrate with third-party secrets management platforms such as HashiCorp Vault.
With Ignition 8.3, you get multiple layers of control system threat protection that align with the latest industrial cybersecurity standards to keep your data and assets safe. To highlight some of the new features: we’ve expanded functionality for LDAP authentication security by enabling extra LDAP attributes to be defined for the Active Directory, AD/Database Hybrid, and AD/Internal Hybrid user sources. We’ve also added two additional properties for nested group membership lookup and group role attributes for the Active Directory user source. Three new properties are now available for Ignition Internal Authentication: “Prohibit Password,” “Prohibit Username,” and “Maximum Consecutive Repeated Characters.” And the Administrator role is now automatically listed under the Authenticated/Roles security level when installing a fresh gateway.
The new security features also enable integrators to have visibility of a system’s configuration, while still maintaining good security for the system.
You can majorly step up your SCADA communication security thanks to one important new 8.3 feature: more secure data serialization with Remote Procedure Call (RPC) technology that uses Google Protobuf instead of Java serialization.
