Conduct compliance control on the upstream and downstream vendors, establish different permission levels from multiple dimensions such as business, data, and files, and make detailed records of external network access for traceability query.

0010-32695 Actively sort out existing assets, classify them according to indicators such as importance, deploy security management products for the whole network, and form a deep defense system with rapid response capability. Excellent security management products can detect the source of virus infection in time and isolate it by monitoring network traffic, effectively blocking virus transmission. The separation of domains can also avoid the spread of ransomware throughout the factory.

0010-32695 Establish a strict and effective data backup scheme to save critical business data and files in local, remote and private clouds to avoid shutdown caused by ransomware infection of critical files.

Strengthen the security protection capabilities of endpoints such as hosts. You can deploy appropriate terminal security management software, and install system patches as much as possible on machines that do not meet the deployment conditions based on compatibility tests. If sensitive ports such as 3389,445 are not required, disable them.

0010-32695

Perform regular security checks on IOT devices and contact manufacturers for real-time updates on the latest firmware versions to prevent attackers from exploiting known vulnerabilities.

Manage wireless connections in the manufacturing area, change passwords regularly (using strong passwords), control private AP access, and turn off wireless functions of unnecessary printers and other devices.

When external personnel access the network in the manufacturing area, they shall use the virtual private network or other encrypted connection schemes, and record the behavior.

Do security scanning of the program files of CNC machine tools, industrial robots and other equipment to ensure that the program files do not carry known viruses.

If possible, it is necessary to do automatic or regular source code 0010-32695 review of the program of CNC machine tools, industrial robots and other equipment, such as the use of abnormal functions, timely feedback programming personnel to modify, record, record, share experience, etc.

Establish a common program file security review library with integrators, and establish access and authentication mechanisms, only certified programmers have permission to read and store programming programs.