Data security: protect your ‘gold’ from cyber threats
Heikki Laurila, Product Marketing Manager, Beamex
When I joined Beamex 35 years ago, functionality was the central focus, not data security. But this was long before the Internet when instances of industrial espionage required physical access. This limitation no longer applies to trade secret theft in today’s digital era. Cybercriminals can breach computer systems from anywhere in the world.
While calibration data may not be the most crucial information within an organisation, it represents proprietary data deserving of rigorous safeguarding. This data holds a wealth of cumulative historical information that is a valuable resource for analysis and insights, underscoring the need for robust management to avert unauthorised access or potential loss.
Furthermore, it’s vital to recognise that every facet of your organisation’s security, including the calibration software, holds importance, as hackers often target the weakest link to gain access to other systems and cause damage.
Building a Fort Knox for your calibration gold
Calibration software has witnessed a transformative journey, evolving from localised on-premises installations to versatile cloud solutions. Today, calibration data holds significance in the process industry, as it substantiates the precision and functionality of tools and equipment. This “calibration gold” is integral to operational excellence, safeguarding the quality and reliability of measurements.
Organisations often need help choosing the localised control of on-premises setups and the robust security features of platforms like Azure Cloud. Cloud solutions often surpass local servers in ensuring data security and resilience by offering state-of-the-art encryption, frequent security updates, and expert oversight.
Technological advancements in process calibrators have introduced features like internet connectivity and USB ports, ushering in a new era of functionalities and potential vulnerabilities. Implementing stringent security measures such as regular software updates, firewall protections and secure connections can mitigate risks and prevent unauthorised access.
For example, the Stuxnet worm discovered in 2010 targeted Iran’s nuclear program by compromising SCADA systems controlling gas centrifuges. Likely developed around 2005, it infected over 200,000 computers, damaging about a quarter of the country’s nuclear centrifuges and rendering 1,000 machines unusable. While the US and Israel haven’t officially claimed responsibility, many experts attribute this cyber weapon to them.
The manufacturing phase of calibrators poses potential risks with the infiltration of malware and worms. Manufacturers must uphold rigorous security protocols, verifying and validating every component, software, or firmware update to thwart malicious intrusions. In line with the discussions in our earlier articles on decoupling, discerning the manufacturing origins of your calibrator can offer additional insights into its security profile.
Using an embedded Linux operating system in Beamex’s process calibrators further lowers the vulnerability to viruses compared to Windows, underscoring our focus on making it as difficult as possible for potential attackers.
Leveraging Digital Calibration Certificates
In 2022, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) made significant revisions to ISO 27001, the global benchmark for information security. This has since been followed by the EU bolstering cybersecurity and resilience by enacting the Digital Services Act (DSA) and the Digital Market Act (DMA) in September 2023.
These measures are designed to set the stage for fair competition, ultimately promoting innovation, growth and competitiveness. They help organisations protect their information assets from threats, such as unauthorised access, data breaches and cyberattacks. At Beamex, we are working to implement the required changes and are supporting Germany’s national metrology institute to develop the Digital Calibration Certificate (DCC).
DCC marks a significant milestone in enhancing data security, encapsulating data in a tamper-proof and authentic format that offers a reliable tool in the modern calibration ecosystem. While cybersecurity forms a vital component of data management, it operates synergistically with data integrity. The credibility of a secure digital vault diminishes if it houses flawed or inaccurate calibration data. Hence, rigorous scrutiny at each calibration stage is paramount to ensure data accuracy before archiving in secure repositories.
Data integrity – the other side of the coin
Despite the digital revolution, many organisations persist with paper records, a practice laden with vulnerabilities. The physical storage of these records presents challenges in safeguarding against theft, damage or unauthorised access. Moreover, the inability to facilitate analytical evaluations renders these records relatively inert, thus wasting potential insights that could be gleaned from digital databases.
What’s the point of developing these secure systems if the integrity of the original measurement data is flawed? With the Beamex ecosystem, we maintain precision by exclusively relying on measurements from the calibrator, thereby eliminating manual data entry. This digital data is securely transferred to our calibration management software, guaranteeing the highest data quality within the system.
For pharmaceutical entities, calibration discrepancies can escalate to severe repercussions, including public FDA warning letters. These warnings, albeit not disclosing actual data, highlight organisational lapses in calibration management, potentially damaging the company’s reputation and public trust. Ensuring public safety transcends reputational concerns, making it crucial to maintain stringent calibration protocols.
As the process industry transitions towards a data-centric and interconnected paradigm, adopting a proactive stance on cybersecurity in calibration is imperative. This approach safeguards valuable assets, fosters trust and upholds the benchmarks of operational excellence.
You might also find interesting
For a safer and less uncertain world
Welcome to our series of topical articles where we discuss the impact that accurate measurement and calibration has on the world and our everyday lives.