Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Separating Man from Machine: KVM Reduces Security Threats

Modern keyboard, video, and mouse (KVM) systems are not just a way to improve efficiency and flexibility into an operation. Sophisticated KVM technology also provides an additional step toward protecting against cyberattacks. KVM systems build the backbone of information technology (IT) and operational technology (OT) supported processes in organizations. By separating man from machine, they provide an optimal basis for seamless interconnection of all used systems and seamless IT integration in industrial process automation.

Simply put, KVM removes computers from the workplace and stores them in a dedicated technical area free from the noise, clutter, heat, and dust of a production floor or control room (along with latency-free remote access). Further, it allows an individual user to operate several processes simultaneously. Each workstation can consist of multiple screens, and each screen can show individual computer sources that operators can survey and operate all at one time. KVM allows the right system availability at the right time. The user can easily switch between computers and handle complex consoles with many screens, but with just a single keyboard and mouse.

KVM Helps Mitigate Cybersecurity Risks

Cybersecurity is an important aspect that KVM solutions allow to make installations more secure. Removing the computer from the desk is a core strategy for protecting its access. For starters, you cannot directly connect a USB drive or plug in a USB drive to a computer anymore. Data shows that most cyberattacks originate internally—either by human error or on purpose—as opposed to outside factors.

Externally, modern KVM systems allow an organization to achieve “network separation.” With different security classifications of the networks (dedicated networks where all the critical processes run, and a separate network that may even have access to the public internet, which would make it more at-risk of an external attack), the risk of cyberattacks can be minimized. KVM systems provide the basis for flexible system access and help to harmonize computer technology across systems.

GD_graphic for ISAEnsuring cybersecurity with separate computers connected to different networks, operated from a single user interface.

With KVM, users only access the computer interfaces, not the computers themselves. Several systems are accessible at the same time, but without a data connection between the systems. Organizations can separate critical internal applications in the data flow from external applications like web surfing or external video conferencing. For example, they can keep the critical processes on the internal network and everything that is connected to the outside world can be kept separate.

Ensuring Security Through Redundancies

KVM systems offer numerous options for creating redundancies for mission-critical applications. Depending on the complexity and requirements of individual applications, the respective redundancy concept can be either rather simple or quite sophisticated and complex. Redundancies back up either only the KVM system, the computer side, the console side, or the entire application. For smaller applications, redundancy can already be ensured by using a local switch.

Don Hosmer
Don Hosmer
Don Hosmer, VP Sales Americas & General Manager G&D North America Inc., has more than 30 years of experience in video, audio and data transport applications. He has extensive expertise in control rooms and application design for KVM extension products, switching systems and compression technologies over both copper and fiber cabling infrastructures.

Related Posts

Practical Insights for Implementing Control System Security

Introduction In this blog post, we’ll share practical insights from operational experience in managing cy...
Pinakin Gokhale Nov 29, 2024 7:00:00 AM

Innovations in R&D: How AI Is Transforming Industrial Cybersecurity Operations

Industrial control systems are becoming more complex as evolved cyberattacks threaten industry functions....
Devin Partida Nov 15, 2024 7:00:00 AM

In Conversation with Authors of ISAGCA White Paper on Zero Trust and ISA/IEC 62443

The ISA Global Cybersecurity Alliance (ISAGCA) recently published a white paper exploring the application...
Kara Phelps Nov 8, 2024 12:00:00 PM