Naturally, digitalisation is also widely used in the manufacturing and plant engineering sector: The Industrial Internet, also known to most people as Industry 4.0, involves the intelligent networking of production facilities and logistics systems, enabling extensive automation of production processes with the help of new technologies. Intensifying global competition is driving the demand for lean processes that are not only cost-efficient thanks to the use of new technologies but also enable continuous improvements to the products themselves. As is almost always the case, however, Industry 4.0 also has a downside that must be considered in addition to all its advantages: the use of Internet-enabled systems, such as industry or company portals, within the production process attracts a range of threats that include cyber-attacks. At worst, these lead to data losses and system outages within the business, which in turn can impact production speed. By maximising the security of login procedures, Identity and Access Management helps prevent these sources of danger from arising in the first place. We must now ask ourselves: what expectations do customers have in terms of security and how can they be implemented?
Machine-to-Machine (M2M) systems, mobile applications, the Internet of Things (IoT) and cloud-based services – these are just some examples of technologies that enable intelligent communication within the production process. The systems, machines and plants are controlled and monitored by company portals that manage operational information and knowledge and combine the needs of different groups to create a uniform security infrastructure. These user groups include customers, sales partners, vendors and employees. The data contained in the portal must be protected against external attack – after all, cyber-attacks in an engineering environment are by no means unusual. This is also confirmed by the NTT Global Threat Intelligence Report, which states that the manufacturing industry recorded a 300 percent increase in attacks by hackers in 2020. A simple calculation by Germany’s “Unternehmen Cybersicherheit” initiative to raise awareness of corporate cyber security reveals that the costs of this type of attack can quickly exceed a quarter of a million euros for a medium-sized engineering company.
Secure access with the help of Identity and Access Management
Digitalisation is gradually blurring the boundaries between B2C and B2B. Users of industry portals now also expect the convenience of their private communication channels in a work environment where online working has long since become part of the everyday routine. This means that industry portals are supposed to offer their users a similar customer experience that combines user-friendliness and security. Here, mobility is also every bit as important as it is in a private setting. Users are no longer willing to rely exclusively on desktop computers when they need to monitor production processes or order the next material delivery. Instead, they want to use mobile terminal devices to access status updates about the production process, at any time from any location. It is therefore no surprise that users want to be sure that their company portals are protected against third-party access.
This is precisely where Identity and Access Management, which can be integrated into the company portal, comes into play. It ensures that the login procedure that enables access to the portal is assigned to precisely one person. The login occurs without a password, simplifying portal access for the various user groups – who can do so easily and quickly using a fingerprint or face ID. On the one side, Identity Management (IDM) checks the requested access to the company portal by comparing defined identities with user rights and restrictions and assigns matching user roles, groups and policies. This allows different users to view different information – in accordance with company policies. On the other side, Access Management controls the access of users to digital data, services and applications based on the rules set up in the IDM. To gain access, users must authenticate themselves and be authorized by the IT system.
Intense competition and the increasing pressure of digitalisation should not discourage mechanical and plant engineering companies from maximising security within their production environment. If they neglect this, they are not only risking production shutdowns but also the associated financial losses and reputational damage.