Welcome to “Ask Deb from QA,” an advice column from MxD.
Deb from QA — with decades of experience on the factory floor — will answer your questions to demystify and explain the digital manufacturing industry.
Please submit your questions to debfromqa@mxdusa.org
Dear Deb from QA: What does Zero Trust mean?
Zero Trust? It sounds like wise dating advice, but it’s actually a way for companies to approach cybersecurity. With all those ransomware attacks going on, it’s getting a lot of attention.
The first thing to know is Zero Trust is a philosophy, or strategy, and not some piece of hardware you can roll onto the factory floor. It boils down to trusting no one and verifying everyone. To protect the network, tech folks assume it’s always under attack. They do their software magic to allow only specific tasks and block folks who can’t prove they are who they say they are. If there is a breach, something called “network segmentation” ensures it can be isolated so the whole factory doesn’t go down.
Think of it like an office vs. a bank. Once downtown office workers scan their ID to get into the building, they are free to roam. They can connect with colleagues down the hall, hit the break room, or dash into the supply closet to grab all the pens. That’s like a traditional network relying on one-time password access.
But it’s not like that at the bank. Even after you jump through all the required identification hoops, there’s no way you can mosey around, popping into any old office or getting into the vault to count out your Benjamins. That’s Zero Trust.
In the factory, a tech team deploying a Zero Trust strategy can hook up sensors, IoT devices, new servers, old machinery – whatever – and specify that they do only the tasks they should be doing.
For instance, my work computer would still be connected to the 3D printer. But with Zero Trust, the printer would only be allowed to listen to or print from specific computers we pre-determine. That way, hackers can’t even communicate with the printer to try seizing it to make it do what they want. With Zero Trust, a hacker can’t even find the printer to try and attack it!
Most of us already have a Zero Trust mindset when it comes to our personal accounts. When I want to check my credit card balance or send a Snap to cheer up my niece when she’s studying all night at her fancy university, I go to the app, type in my user name and password, and then DING! I get a text with a code that I have to enter before I can get at my account.
Now I know to watch for that same multi-factor authentication when I’m at work, which means I won’t get access until I prove I’m Deb with things like an encrypted code or a bio ID like a fingerprint.
As I said earlier, this Zero Trust is getting a lot of attention for a bunch of reasons – including those costly ransomware attacks, all of that remote worker access that needs to be secured, and even President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity.
In May, the president gave federal agencies 60 days to develop plans to adopt Zero Trust. As those plans trickle down, expect to see a lot more people jumping onto the bandwagon. Thankfully as we navigate this so quickly there’s some helpful information out there like a report I found from AT&T, which partners with my friends over at MxD.
The bottom line is this is all about keeping things secure. With so many cyber thugs out there, factories need to fill the moat, pull up the drawbridge, and shoot flaming arrows from the turrets. Zero Trust is one way to do that.
Assuring quality,
Deb
Check out the last Ask Deb here:
Deb: What is edge computing?
Deb from QA wants to hear your questions. Send ’em to debfromqa@mxdusa.org and she’ll answer as soon as she’s done with her dinner.