Recommendations

Recommendations to optimize cybersecurity in a protected environment:

  • Use Access Control for objects in Windows Active Directory and authentication.

  • Use Plant SCADA to store configuration files.

  • Follow recommendations and implement cybersecurity configuration using the Cybersecurity configuration checklist.

warning

potential compromise of System availability, integrity, and confidentiality

Use cybersecurity best practices to help prevent unauthorized access to the software.

Failure to follow these instructions can result in death, serious injury, equipment damage, or permanent loss of data.

See Using Cybersecurity Admin Expert (CAE) for cybersecurity for information on configuring cybersecurity using the CAE tool.

See Decommission for recommendations and procedures about decommissioning.

Personal information confidentiality

Power Operation does not proactively collect personal information. Some personal information is collected and stored related to settings and functionality.

Ensure live data and backups are protected.

warning

potential compromise of System availability, integrity, and confidentiality

  • Change default passwords to help prevent unauthorized access to settings and information.

  • Use Windows Active Directory for user account management and access to network resources.

  • Disable unused ports/services and default accounts, where possible, to minimize pathways for malicious attacks.

  • Place networked devices behind multiple layers of cyber defenses (such as firewalls, network segmentation, and network intrusion detection and protection).

  • Use cybersecurity best practices (for example: least privilege, separation of duties) to help prevent unauthorized exposure, loss, modification of data and logs, interruption of services, or unintended operation.

  • Follow cybersecurity tasks as described by your organization or contact your network administrator.

Failure to follow these instructions can result in death, serious injury, equipment damage, or permanent loss of data.

See: