Major Food & Beverage Company

Challenge: after ransomware attack, needed to increase cyber defenses to protect 100+ manufacturing sites located around the world

Solution: Honeywell Forge Cybersecurity Suite selected for secure remote access and asset management solutions

Value to Customer: increased protection for assets; industrial grade secure remote access for employees and third parties located anywhere in the world

Major Oil And Gas Company

Challenge: needed to overcome limited in-house cybersecurity expertise across multiple refineries

Solution: Honeywell’s Managed Security Services (MSS) with secure remote access selected for secure remote connections, software patch and anti-virus management, and security and performance monitoring for multiple sites in North America, South America, Europe and Asia

Value to Customer: increased cyber protection and reduced risk, industrial grade secure remote access for employees and third parties

Unique Honeywell Technology

• No inbound firewall rules, all connections initiated from inside the high trust network over a single outbound port (aka., reverse tunnel). No direct attack surface!
• Multifactor authentication to Security Center, separate from local per-site authorization.
• Customer-controlled human authorization per session. Allowing site autonomy in addition to centralized user management
• Authorization is time-limited per-session, per-user, per-protocol.
• Just-in-time point-to-point channel is established within reverse-tunnel, after authorization. By default, no remote access channel from Security Center to Site until needed.
• Remote user or remote computer is never part of trusted network. Cannot escape the point-to-point channel established across trusted and untrusted networks
• Password vault holds the actual password, it is never revealed to the remote user. Avoids the complexity of sharing passwords or changing them after each use or termination of access.
• Real-time supervision (i.e., screen sharing), recording, playback, and session termination. Supports both forensic incident investigation and training.
• Local authority to terminate sessions for unrecognized, suspicious behavior, or plant operational situation changes (e.g., plant upset, shutdown, emergency).
• Full audit trail of requests, authorizations, protocols, sessions, users, etc.
• Remote VSE Service Node must be pre-registered with Security Center to function (no rogue nodes)
• ISA-Secure Certified Development Organization (HPS Secure Development Process)
• ISO/IEC 27001 Certified security management system for Managed Security Service Center.
• Numerous customer, OEM partner, 3rd-party, and internal penetration tests and security reviews of Managed Security Service Centers and software code.

Trusted by Honeywell, OEM Partners, and Customers for Secure Remote Support of over 4,000 Industrial Installations