ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

Seven strategies for better SCADA data protection

By Heather Wright
Wed 25 Oct 2017
FYI, this story is more than a year old

Although supervisory control and data acquisition systems (SCADA) are vital to the operation of a broad spectrum of critical infrastructure including manufacturing, transport and energy networks, they are often open to data loss or cyber crime.

For SCADA to be effective, the computer control systems it relies on must function continuously and avoid downtime.

Yet, SCADA operators face challenges with data protection, and many need to improve uptime and prevent disruption. As SCADA moves from closed to IP-based networks, organisations must prepare better ways of backing up systems and data across on-premises and cloud infrastructure.

Industries that rely on SCADA applications include manufacturing, electricity and gas utilities, telecom and IT, smart cities and industrial automation.

The availability objective for SCADA is typically 99.995% to 99.999%, and failure can cause substantial loss. Since having backup and data protection for this mission-critical data, here are seven strategies for improvement.

Assess backup need First understand how critical it is that SCADA systems and data are backed up. Despite their key role, many escape the scrutiny of enterprise IT systems and operate without backup. Businesses must start by reviewing SCADA data and investigating how it can be protected without downtime.

StorageCraft pre-sales engineer, Karl Thomson, says many legacy SCADA systems still rely on physical computer hardware. “They are often in factory environments subject to dust or dirt, power cleaning and physical damage, but most of all the computers can be old and difficult to replace.”

IT meets OT Since SCADA is used mostly as an operational technology (OT), not an information technology (IT), many system administrators are plant technicians and engineers. This can make it difficult to communicate the importance of data protection initiatives.

With the move to more modern SCADA systems that use IT technologies like Windows, Linux and IP networks, OT staff must be brought up to speed by IT on the need for data protection. Management should organise a SCADA data protection workshop for OT and IT employees and develop an all-inclusive backup plan.

Backups for non-stop operations With most SCADA systems running 24x7, any downtime will have an immediate impact on operations. This continuous operation must be considered when developing a data protection strategy.

SCADA backups must be performed regularly to minimise the risk of data loss and the backup process should allow the system to operate normally. By using backup technology that backs up only disk sectors that change (512 bytes), SCADA servers can be backed up as frequently as every 15 minutes.

SCADA demands security SCADA systems manage critical information that demands the highest security level. Many are isolated from other networks and until recently did not use IP-based networks. The move to IP-based SCADA has allowed organisations to use modern tools and equipment to manage their data.

Look for secure backup technology with multiple encryption options, including AES-256, AES-128 and RC4-128. Do not treat SCADA data security as an add-on. Instead, you have to make sure it’s supported natively by your backup tool.

Efficient hardware-independent recovery Being able to recover data promptly is essential for SCADA operations. Unfortunately, many strategies (and tools) focus on backing up data, but make it difficult to restore it when disaster strikes.

A SCADA data protection plan should include tools that perform the bare metal recovery of a failed server to different hardware and return to production in a short window (typically 20 minutes). The ability to restore to a server in under 30 minutes is a huge time saver and benefit. Other beneficial features include: multiple time-sequenced backups, automated ‘set and forget’ and automatic backup verification.

Prepare for virtual systems With SCADA systems trending towards the adoption of virtual servers, a backup strategy must include working with virtual machines as this is becoming the standard way for on-premises and cloud-based servers to be deployed.

Good backup technology will ensure that protecting virtual servers is as simple as backing up physical machines. Look for options that are consistent for either architecture.

“As more SCADA operations move into virtual environments the requirements for specific hardware are reduced, yet they still require frequent backups without impacting the environment,” Thomson says. “Look for guest snapshotting and built-in VSS support so there is no hang or STUN (Session Transversal Utilities for NAT) impacting the VM during backup operation.”

Off-site and cloud replication Another SCADA trend is the rise in off-site data protection and disaster recovery (DR) options from cloud and managed service providers (MSPs). Many SCADA vendors offer expensive solutions for off-site backups and DR.

But a modern backup tool can offer a cost effective solution by replicating data across a number of infrastructure options. If an organisation can use a cloud service for DR, it might not need to replicate the entire hardware stack.

By Marina Brook, Head of Sales APAC, StorageCraft Asia-Pacific

Related stories
Top stories
Story image
Telstra
Ericsson and Ciena, Telstra enhance service capacity for Telstra's optical network
Ericsson, Telstra, and Ciena have announced new enhancements to Telstra's Next Generation Optical Network, which will increase the service capacity of Telstra's optical network to 400 GE (Gigabit per Second Ethernet).
Story image
Artificial Intelligence
Siemens expands NVIDIA partnership for industrial metaverse
Siemens is expanding its partnership with NVIDIA to enable the industrial metaverse and increase the use of AI-driven digital twin technology.
Story image
Amazon
What brands can expect from Amazon Prime Day in Australia
Amazon Prime Day is the annual two-day shopping event, kicking off this year from July 12-13 and is the global online shopping platform's biggest sales event. 
Story image
Cybersecurity
Delinea’s Joseph Carson recognised with OnCon Icon Award
Delinea chief security scientist and advisory CISO Joseph Carson has been recognised as a Top 50 Information Security Professional in the 2022 OnCon Icon Awards.
Story image
Manufacturing
Sutton Tools deploys Infor M3 CloudSuite for manufacturing
Sutton Tools has also implemented the Infor OS cloud operating platform, including Infor Intelligent Open Network and Mongoose.
Story image
Robotics
Evonik relies on Getac F110 tablet to control autonomous robot
The aim of the project is to evaluate the practicality of an automated robotic maintenance and inspection solution in the chemical industry.
Story image
Ransomware
Secureworks reveals new information on BRONZE STARLIGHT threat group
New research from Secureworks has uncovered new information on the Chinese threat group BRONZE STARLIGHT and how they are using targeted ransomware to initiate complicated attacks.
Story image
Design
Hands-on review: Phillips Hue starter kit
The set-up was one of the simplest I have ever had to do. It is also where the products shine. I was able to connect the bridge, the three lightbulbs and the strip within 10 min.
Story image
Artificial Intelligence
Eight top DevSecOps trends to support IT innovation in 2022
The use of DevSecOps practices is growing, as it is increasingly seen as the best way to produce high-quality and secure code. So what are the current trends?
Story image
Identity and Access Management
Ping Identity named a Leader in Access Management
Ping Identity has been named a leader in the 2022 KuppingerCole Leadership Compass report for Access Management. 
Story image
Hybrid Cloud
Advent One acquires Layer 8 Networks, complements hybrid cloud offering
The acquisition comes at a time of surging demand in hybrid cloud, network virtualisation and network security.
Project management
Discover the 4 crucial factors for choosing the right job-costing solution. Is your team struggling to cost jobs and keep projects running on budget?
Link image
Story image
Dicker Data
EXCLUSIVE: Why women in IT makes good business sense - Dicker Data
The Federal government wants to bolster female participation in the tech industry to at least 40% by 2030. Here's how one homegrown Australian company has already reached that goal.
Productivity
Discover the 5 ways your ERP may be letting you down. Is your current system outdated, difficult to manage, and costing you a fortune?
Link image
Story image
Ransomware
Businesses unprepared to defend against ransomware attacks
Ransomware attacks continue to impact organisations worldwide with high costs, but businesses are still largely unprepared.
Story image
SOTI
Australian consumers loyal to retailers who deliver speed and visibility
SOTI finds extensive order visibility and speed are the most important factors for turning one-off customers into loyal, long-term buyers.
Supply chain
Discover the 4 critical priorities for wholesale distribution businesses in FY23. Are you worried about how supply chain issues may affect your business in 2023?
Link image
Story image
Civil Defence
OutSystems platform chosen as part of ADF contract
"To be included in this project is a reflection of our ability to deliver secure, modern digital outcomes for defence at an incredible pace."
Story image
Samsung
Monitors are an excellent incentive for getting employees back
The pandemic has taught us that hybrid working is a lot easier than we would’ve thought, so how can the office be made to feel as comfortable as home? The answer could be staring you in the face right now.
Story image
New Relic
New Relic looks to observability market with new partner programme
New Relic has announced the availability of New Relic Partner Stack, an enhanced programme expanding New Relic’s commitment to partners.
Story image
Cyber Criminal
Identity and access: the fight is on
Blue team defenders are used to protecting our data, applications, and users with access controls and other security mechanisms, which is why attacks like this are especially challenging when they target identity and access control systems.
Story image
Tech job moves
Tech job moves - Bitdefender, Cohesity, Fortinet & MODIFI
We round up all job appointments from June 27-30, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Online shopping
Consumers want speed, visibility in return for brand loyalty
72% of Australian shoppers want complete online order visibility and 63% are loyal to retailers who deliver goods the fastest.
Story image
State Library of Victoria
State Library of Victoria entrusts Oracle support and security to Rimini Street
“Our finance team are very happy with the support and security that Rimini Street provides, which keeps our assets and our customers secure."
Story image
Cybersecurity
Zscaler launches co-located data centres in Canberra and Auckland
The investment will offer public and private sector enterprises greater resilience in support of their zero trust cybersecurity posture.
Story image
MSP
Video: 10 Minute IT Jams - An update from CyberArk
Olly Stimpson joins us today to discuss the importance of MSP programmes and how MSP partners are experiencing success with CyberArk.
Story image
Digital Fingerprint
Decline in counterfeit cherries after digital fingerprinting
Reid Fruits says there’s been a dramatic decline in counterfeit products for its cherries over the past three export seasons to Asia because of digital fingerprinting.
Story image
Data Protection
Five signs your business is ready to move to the cloud
Many organisations are thinking about moving to the cloud. But what are the signs you are ready, and what are the reasons to move?
Story image
Payroll
How New South Wales state departments achieved cloud migration success
State departments in New South Wales are heading to the cloud to achieve better workflow solutions, and one company is paving the way for their success.
Story image
Artificial Intelligence
Vectra AI named as AWS security competency partner
Threat detection and response company Vectra AI has announced that it has become an Amazon Web Services Security Competency Partner.
Story image
Citrix
The best ways to attract young talent during labour shortages
New research from Citrix reveals hybrid working and ventures into the metaverse are top of mind for Gen Z workers.
Story image
Wiise
Four things wholesale distributors need to consider for FY2023
In a post-pandemic world, there are many things for a distribution business to juggle. ERP solutions company Wiise narrows down what companies should focus on.
Story image
Accounting
Four factors to consider when choosing the right job accounting solution
Progressive job-based businesses can achieve success by strengthening their ability to quantify every cost attributable to the delivery of an outcome for a customer.
Story image
Low-code
Appian unveils low-code certification program in Australia
Appian has announced a program to provide the next generation of low-code developers with access to education on the subject and certification to foster career opportunities.
Digital Transformation
Discover the 5 signs your business is ready for a cloud-based ERP. Is your business being left behind as more of your competitors switch to the cloud?
Link image
Story image
Cybersecurity
Tech and data’s role in the changing face of compliance
Accenture's study found that 93% of respondents agree or strongly agree new technologies such as AI and cloud make compliance easier.
Story image
Public Cloud
Public cloud services revenues top $400 billion in 2021
"For the next several years, leading cloud providers will play a critical role in helping enterprises navigate the current storms of disruption."
Story image
Artificial Intelligence
Dynatrace extends automatic release validation capabilities
Dynatrace has extended its platform release validation capabilities to improve user experience at every stage of the software development lifecycle.
Story image
Gaming
Sony releases a new gaming gear brand for PC gamers
Sony has unveiled INZONETM, a new gaming gear brand for PC gamers that makes gaming more immersive and offers greater gaming ability.
Story image
Documentation
Adobe study finds lack of digital trust and utilisation in Australian Government agencies
New research commissioned by Adobe has revealed a significant lack of digital trust within Australian Government departments, along with the continued underutilisation of key digital processes.
Story image
Hybrid workforce
Why hybrid working is here to stay and how to ace it
Citrix's new report reveals hybrid workers are more productive and engaged at work than their office and completely remote counterparts.
Story image
Enterprise Resource Planning / ERP
Five ways your ERP is letting you down and why its time for a change
Wiise explains while moving to a new system may seem daunting, the truth is that legacy systems could be holding your business back.
Story image
Microsoft
SAS wins Microsoft ISV 2022 Partner of the Year award
"We formed the SAS and Microsoft strategic partnership with a shared goal of making it easier for customers to drive better decisions in the cloud."
Story image
Internet of Things
ManageEngine wins big in IDC MarketScape assessment
ManageEngine's Endpoint Central service has been recognised as a leader by IDC MarketScape in several categories including Internet of Things device deployments and UEM software for SMEs.