感应自动化Kevin McCluskysuggests a different approach to make your industrial systems safe and secure in this month's featured guest blog.

What would it take to break into Fort Knox? As one of the most secure locations on the planet, it wouldn’t be easy. However, someone with the right amount of time, planning, and determination may be able to find a way.

The same is true for most industrial systems. So, how to protect what’s inside? Strategies that may work in the physical world—thicker walls or taller fences—don’t translate to digital systems. The tools of the trade here are a variety of high-tech solutions such as firewalls, SIEMs, IDS’s, and IPS’s. These are tools mainly to monitor network traffic and control the flow, and provide early alerts if there’s unusual activity.

However, what if we threw out all of those traditional tools and took a different approach?

Prepare to make security changes to your email accounts by May 30, 2022.

For a long time, automation engineers have sent email alerts and reports from automation applications via a ‘throwaway’ Gmail account. This seemed harmless enough at the time and really useful, but it wasn’t very secure. As email abuse has risen over the years, it's time for the “less secure” party to come to an end.

Does this mean an end to all email alerts? Not at all. You just need to adjust your Google Gmail settings and update to a new application password in each application. Of course, this applies (with different end dates) to most other email providers as well as Google; check with your email provider for details. This blog will focus on Google Gmail.

Get help designing a secure industrial automation system with Opto 22's cybersecurity resources.

When you usegroov史诗orgroovRIO德赢下载产品，您可以放心，您可以从开箱即用。甚至还有一个groov史诗Cybersecurity Technical Guideto help you design a secure system with step-by-step instructions.

With cybersecurity being one of the top concerns in today's industry, we decided it was important to address all your questions on security. We've put together several resources in a single location on the Opto 22 website to help you better understand your options when it comes to building the most secure control system possible.

BDATA Solutions addresses the issue of Cybersecurity in IoT and Edge devices through blockchain technology.

With the recent well-publicized internet hacks, cybersecurity is unfortunately at the forefront of many people's minds. Our latestOptoPartner Videois timely, as BDATA Solutions uses Blockchain technology to address this issue in Industrial Internet of Things architecture.

Best practices for cybersecurity and more from thegroovEPIC v3.2更新，以帮助您签署关键安全升级。

Solarwinds, Oldsmar, Colonial, JBS—with all the cybersecurity news filling our inboxes, news feeds, and social channels, your customers may finally be ready to talk about a more rigorous security strategy.

因此，我认为这是分享我们最近更新的技术注释的相关时间：groov史诗般的网络安全设计和最佳实践。” It details the mindset and specific actions that can change your automation from a security vulnerability into a security asset.

特里·果园（Terry Orchard）回到他的工作室中，为您提供有关安全外壳访问（SSH）功能的视频概述groov史诗。

Whether you're already using Opto 22'sgroov史诗或一直在研究其功能，重要的是要注意其随附的广泛编程选项。您可以使用简单的基于流程图的PAC控制，familiar IEC 61131-3 compliant languages of CODESYS, or build Node-RED flows to move data.

But, did you know EPIC allows you to build your own custom applications using languages you know like Python, C/C++ and run them on an open, Linux^®基于基于操作系统？这就是特里·果园（Terry Orchard）最新视频的主题，这是新的Opto 22开发人员系列的一部分。

最近版本的新功能之一groov史诗firmware (R1.4.0+) that hasn’t gotten much attention yet is the built-in virtual private network (VPN) client. I’m excited about it because it’s an incredibly rare feature in PLCs and PACs and makes it much easier to create a secure architecture for managing remote equipment.

Why? Because a VPN essentially creates a secure tunnel through the internet—using encryption and user authentication—that can connect remote EPICs to your PC or trusted company network. From a security and connectivity standpoint, it’s like the EPIC is on your desk or in your facility, protected in all the ways you protect your company network. Anything you can do with a locally networked device, you can do with a remote system using VPN.

最近在WindRiver®VXWorks®IPNetTCP/IP堆栈中发现的安全漏洞的宣布促成了Opto 22客户的问题，涉及该发现可能对Opto 22开发和制造的TCP/IP基于TCP/IP的产品产生什么影响。德赢下载

Opto 22 would like to reassure our customers that, after careful and thorough review, we can state thatnone of our hardware or software products contain the VxWorks IPnet TCP/IP stackor variants of that software and are, therefore,not directly exposed to any attacks that might target these vulnerabilities。该声明适用于最近的Opto 22产品系列groovEPIC®（边缘可编程工业控制器），groov® Edge Appliance (groovBox), the SNAP PAC® System, and SNAP Ethernet I/O® products.

这些安全漏洞被企业物联网安全公司Armis称为紧急/11，具有深远的影响，并影响了一系列极大的工业，医疗和企业环境。其中包括关键任务系统，例如SCADA，工业控制者，PLC，PAC等。传统工业设备之外的其他系统（例如患者监视器和MRI机器）以及防火墙，路由器，调制解调器，VoIP电话和打印机也受到影响。

As you might have read in previous blog posts,groov史诗runs a Linux-based operating system that supports a variety of programming and operating options, including optionalsecure shell (SSH)access. SSH provides root access to the tools, software, and files on thegroov史诗system。

但是，SSH访问如何工作，它的能力以及适合您的功能？在这篇文章中，我将对安全壳和Linux操作系统（OS）进行更多的深度groov史诗and provide answers to these questions.

Go on, admit it. At some point in your life you've written down a password on a piece of paper in clear text. Anybody walking by can simply glance at your note, and they'll know what your password is.

No, you have never done that? Excellent.

But if you've ever used your web browser to log into a website over the web, and entered sensitive information like your passwordwithout encryption, you've effectively transmitted that information through the internet for all to see, almost like writing it on paper and showing it around.

Whoa.