• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • CATEGORIES & PRODUCTS
    • Categories


      BACnet

      Building Automation

      Cloud Computing

      Cybersecurity

      Data Visualization

      Edge Computing

      Energy Efficiency

      EtherNet/IP

      FieldServer

      HVAC-R

      Industrial Automation

      IoT

      Modbus

      Predictive Maintenance

      Remote Connectivity

      Utilities

      Products


      FieldServer

      FieldServer Manager

      FieldVEU

      Fixed Gas & Flame Detection

      Parasense

      Column
  • SUBSCRIBE

Digital Safety in a Connected World: Taking Cybersecurity Seriously

Richard Theron | Oct 26, 2023 | 2 Min Read

October 26, 2023 by Richard Theron

Reading Time: 2 minutes

There’s not a workday that goes by without our IoT system architects, AWS specialists, and security professionals doing all they can to ensure that MSA Safety products and solutions are at the forefront of information security management best practices.

So, in honor of October being Cybersecurity Awareness Month, we asked Stephan Adler, MSA Safety io Operations Manager, about the importance of cybersecurity for FieldServer gateway and Cloud products. This is what he had to say.

    Q&A with Stephan Adler, Operations Manager, Safety io GmBH (a software subsidiary of MSA – The Safety Company)

  1. When it comes to cybersecurity, what is MSA’s approach?

    MSA takes cybersecurity very seriously. What we do in running the Cloud and keeping it secure starts with our Industrial Internet of Things (IIoT) cybersecurity pillars. Our information security management systems (ISMS) approach is holistic, extending all the way from who we hire to mandatory controls to our secure software development lifecycle. ISO/IEC 27001 promotes this comprehensive approach to information security, calling it vetting people, policies, and technology.” And that’s exactly how we approach cybersecurity, too.

  2. What is ISO/IEC 27001 certification—and why does it matter?

    ISO/IEC 27001 is the best-known international standard for ISMS practices. Getting certified is a big deal because it means an organization has passed an independent audit by an accredited body. It also means the organization is committed to managing information securely and safely.

    MSA Safety io® is certified to ISO/IEC 27001 for the operation of MSA Safety’s Cloud platform, the secure handling of data in day-to-day business, and our software development practices. I’m also happy to share that we’re actively working toward this certification for FieldServer.

  3. What role do system integrators play in ensuring cybersecurity?

    It’s essential to have a product solution that enables communication with the Cloud in a secure way. That means encrypting data in transit and at rest. But keep in mind that security is not just for the Cloud. It’s also from site to end destination. For example, our annual FieldServer penetration testing follows ISO/IEC 27001 certification standards to ensure that everything between the FieldServer and our Cloud solution is encrypted.

    Cybersecurity is a shared responsibility.

    We take great care to have best practice processes in place along every layer of development of our secure products, including FieldServer. But let me be clear: Cybersecurity is a shared responsibility.

    In addition to choosing secure IoT devices and gateway products like the FieldServer, system integrators should want to ensure that their organizations have dedicated security programs of their own.

  4. What cybersecurity tips do you have for system integrators?

    In general, I would recommend anyone implementing FieldServer gateways and routers follow basic security principles. This includes the principle of least needed access. For example, before enabling remote access, ask yourself such questions as:

    • Do we truly need remote access?
    • If the answer is yes, then who exactly needs this remote access?
    • Where do they need it from?
    • Do they need remote access on the whole thing or is limited access to say, a temperature reading, enough?
    • Is read-only access enough or do some stakeholders need write access instead?

    Because we build security into our products, that means we give our customers—some of whom include very secure government sites—the tools they need to ensure robust cybersecurity measures. It’s up to them, however, to use these tools.

Resources

  • Read our Cybersecurity for Connected Automation white paper (https://us.msasafety.com/fieldserver-cybersecurity-for-connected-automation)
  • Schedule a routine security checkup using this 7-point security checklist. (https://blog.sierramonitor.com/7-point-security-checklist-for-managing-plcs-through-vpn/)
  • Reach out to us to learn more about the security of any of our gateway products or Cloud solution. (https://us.msasafety.com/fieldserver#contactUs)

About Richard Theron

Richard Theron is the product line manager for FieldServer at MSA, where he works intimately with companies in the building automation, industrial automation, energy management and life safety markets to help them cloud-enable their equipment.

Recommended for You

Cybersecurity

OEM Cybersecurity Strategies to Help Prevent Data Theft

September 10, 2024
3 Min Read
Penetration Testing
Cybersecurity

Crucial Insights on Penetration Testing for IoT Protocol Gateways

November 5, 2024
4 Min Read
Share:

Footer

MSA MISSION: That men and women may work in safety and that they, their families, and their communities may live in health throughout the world.

Visit Our Sites

  • FieldServer Solutions
  • MSA
MSA on Facebook   MSA on X   MSA on LinkedIn  

Contact

  • blog@msasafety.com
  • 1-800-672-2222
  • View All Contact Info
  • Subscribe

Other MSA Blogs

  • Industrial – Spotlight on Safety
  • Fire Service – The Scene

© 2024 MSA. All rights reserved.