Dolce Vita IT Solutions

View Original

Oklahoma manufacturing environments and business continuity - key steps

Lane Griffing

Oklahoma Manufacturing Environments

Manufacturers in Oklahoma vary widely in the makeup of their environments and include physical and virtual servers, ERP systems, inventory management, CNC machines and robotics, and various other systems. Many manufacturers do an uneven job at identifying key systems and data, and may not have a written plan which priorities systems based upon financial impact to the business.

10 Key Steps to Improved Manufacturing Business Continuity

  • Improve user information security training - use available third-party web-based training to simulate phishing emails and how users can recognize and deal with them - this goes a long way towards preventing ransomware infections

  • The email flow should be completely vetted prior to landing in the email system or in a user’s mailbox. It should be configured to drop known malicious file types. Users should be blocked from using their personal email (Google, Yahoo, etc.) from their work workstation to minimize infection opportunities.

  • Threat intelligence and internet content filtering should be used to automatically block know risky types of websites as well as known malicious internet addresses.

  • Manufacturers more then most businesses make routine use of USB drives to transfer data to CNC machines - these thumbdrives need to be tightly controlled to minimize infection opportunities.

  • VPN connections - these should only allow use by company-provided and secured remote devices. Under no circumstances should personally-owned workstations be used for VPN access to the facility. VPN access should require multifactor authentication.

  • Cloud-based file sharing systems - use of systems like OneDrive and Dropbox should be tightly restricted as these make an easy entry for ransomware and other threats.

  • Identify all business data whether onsite of in the cloud…where it resides, where it is accessed across the network, how it is currently backed up.

  • For each data repository onsite or in the cloud know how quickly the system or data needs to be restored before the business impact is unacceptable.