PALO ALTO, Calif., July 07, 2020 (GLOBE NEWSWIRE) -- Today, Xage Security introduces a new universal Multiple-Factor Authentication (MFA) offering, enabling industrial organizations to protect their entire operation, across a variety of assets – even those that previously lacked even basic device password protection – for the first time. Built specifically to support OT/IoT use cases, Xage’s MFA solution eliminates operational dependencies to ensure that industries can protect their assets from attacks, including the growing wave of cyberattacks that exploit remote access vulnerabilities.
Many industrial operations include machines with no password protection, or basic lock/unlock features that lack secure access control. In the last two years alone, digital attacks targeting industrial control systems (ICS) and operational technology increased by over 2000%. Many of these attacks involved a combination of exploiting known vulnerabilities in supervisory control and data acquisition (SCADA) and ICS hardware components, along with default-password and password-spraying attacks leveraging brute force login techniques. Furthermore, recent estimates project the number of IoT connections to rise to 83 billion by 2024, with the industrial sector accounting for around 70% of those connections. The layering of new and legacy systems and technologies, combined with an increase in remote work for the foreseeable future, gives operators less visibility and control over logins happening from various locations at all times––and puts them at massive cyber risk if they leave assets unprotected.
Xage’s new solution enables MFA for any device and application, so industrial organizations can enforce authentication with multiple-factors (passwords, one time token, biometric, etc.) across their entire system. For the very first time, operators can add MFA to all of their assets (new and legacy), and enforce universal multi-factor, identity-based, low latency access on remote assets, even over intermittent networks. Xage’s highly resilient authentication and enforcement are delivered at the edge and continue to operate even if connectivity to the center is lost––ensuring universal tamperproofing without additional dependencies. As a result, Xage’s MFA solution mitigates a vast array of common cyberattacks, including password spraying attacks, password theft, identity theft attacks, and phishing attacks to plant malware on target devices.
“In the last few months, we’ve seen operational systems open up to remote access and authorization––out of necessity for business, but often without all the necessary protections in place,” said Xage CEO, Duncan Greatwood. “With the risk of successful remote attacks having increased exponentially, organizations need to utilize identity-based security. Multi-factor authentication is more critical to industrial operations than ever before, and now operators can immediately deploy it to every asset.”
Xage’s unified MFA capabilities include:
- Identity-based comprehensive access control per device and application, with integration of additional factors as needed
- MFA enforced via the Xage Enforcement Point (XEP) to any legacy one-factor or zero-factor system
- Distributed MFA-protected access control, even for assets disconnected from the center
- Standardization of multi-factor authentication methods and extends them across their deployment base of applications, workstations, control devices, etc.
- Flexibility in choosing and switching between MFA methods (pins, keys, SmartCards, authentication apps, etc.)
- Compliance with multiple standards across verticals, without the need to replace existing assets
- Tamperproof audit trail for all machine-to-machine and user-to-machine interactions
The Xage Security Fabric also enables secure remote access to OT environments, critical to today’s increasingly remote work. Xage provides fine-grained access control to field assets; identity and role-based remote access to individual assets per security policy; protocol, session, and encryption security at the edge; built-in access control and monitoring; tamperproof audit logs for all actions and interactions, and enabled compliance to regulation and standards (e.g. NERC-CIP and IEC 62443).
The Xage Security Fabric is the universal security solution for modern industrial operations, creating the essential trusted foundation for every interaction, whether human-to-machine, machine-to-machine, or edge-to-cloud. The fabric protects all equipment, from new IoT devices to vulnerable legacy systems, delivering identity management, single sign-on, and access control with in-field enforcement across the industrial operation. Xage is the first and only blockchain-protected security solution providing tamperproof, non-intrusive protection and enabling efficient operations and innovation across all industries. Xage customers include leaders in manufacturing, energy, utilities, and transportation.
LaunchSquad for Xage