Our Plant Operators Need Access From Home, But We Can’t Risk Opening Up the Network: Secure Remote Access for Manufacturing

The pandemic forced a reality many manufacturers weren’t prepared for: critical staff who couldn’t come to the plant needed to access production systems remotely. Engineering staff needed to monitor equipment from home. Maintenance managers needed to review alarms and diagnostics. Even some operators needed the ability to monitor and adjust systems without being physically on-site.

The challenge? Your production control systems weren’t designed for remote access. Opening them up to the internet feels dangerous because it is, if not done correctly. But completely preventing remote access creates its own problems: inability to respond to issues quickly, requiring staff to come on-site for minor adjustments, and dependency on whoever happens to be in the building.

Finding the right balance between secure remote access for manufacturing and operational needs isn’t just a technical challenge. It’s a business imperative that requires careful planning and one where the right manufacturing IT service partner can make the difference between a secure, structured solution and a hastily opened connection that puts your entire production environment at risk.

Why Remote Access for Production Systems Is Different

If you’re thinking “we’ll just set up VPN access as we do for office workers,” understand that production systems have different requirements and risks:

Real-Time Control and Monitoring

When someone remotely accesses an HMI to monitor a production process, they need real-time responsiveness. Latency that would be barely noticeable when accessing email can be problematic when you’re trying to make control adjustments or respond to changing conditions.

Safety Implications

Remote control of production equipment means that someone who’s not physically present could make changes that affect safety. They can’t see, hear, or smell what’s actually happening on the plant floor. They can’t immediately press a physical emergency stop if something goes wrong.

24/7 Availability Requirements

Production doesn’t stop on weekends or holidays. If your remote access system is down, you might need emergency on-site response at 2 AM on Christmas. The reliability requirements are much higher than for typical business systems.

Legacy System Compatibility

Many production systems use older protocols and software that weren’t designed with remote access security in mind. They might not support modern authentication methods, encryption, or access controls.

Compliance and Audit Requirements

Depending on your industry, you may have regulatory requirements about who can access production systems, how access is authenticated, and how actions are logged. Remote access needs to meet these requirements while still being practical.

The Risks of Getting Remote Access Wrong

Before discussing solutions, let’s be clear about what can go wrong:

Unauthorized Access

If your remote access isn’t properly secured, you create a pathway for attackers to reach your production systems. This isn’t theoretical; there are documented cases of ransomware reaching industrial systems through poorly secured remote access.

Accidental Disruption

Even authorized users can cause problems if access isn’t properly controlled. Someone working remotely might not realize they’re making changes to a live system instead of a test environment. Or they might lose network connectivity in the middle of a critical operation.

Vendor Access Sprawl

Over time, you accumulate VPN accounts for various vendor technicians who need temporary access for support. If these accounts aren’t properly managed, you end up with unknown people having persistent access to your production systems.

Insider Threats

Remote access makes certain insider threat scenarios easier. A disgruntled employee with remote access could disrupt without being physically present, where they might be noticed.

Compliance Violations

Inadequately controlled remote access can create audit findings or compliance violations, especially in regulated industries like food and beverage or pharmaceuticals.

Solution 1: Site-to-Site VPN for Permanent Connections

For connections that need to be always available, like between your headquarters and remote manufacturing facilities site-to-site VPN provides a good foundation.

How It Works

Site-to-site VPN creates an encrypted tunnel between two locations. From the users’ perspective, systems at the remote location appear to be on the local network. There’s no need to manually connect or authenticate each time.

When This Makes Sense

• Connecting multiple facilities in your organization
• Allowing headquarters staff to monitor multiple plants
• Integrating remote production data into central systems
• Supporting vendors who need frequent, ongoing access to specific systems

Limitations

• Both endpoints need stable internet connections
• If the VPN goes down, all remote access is lost
• Everyone at the remote end has the same level of access
• Doesn’t provide granular control over who accesses what

Solution 2: Client-Based VPN with Access Controls

For individual users who need remote access, a client-based VPN with proper access controls provides more flexibility and security.

How It Works

Users install VPN client software on their devices. When they need access, they connect to the VPN, authenticate, and gain access to specific systems based on their authorization level.

Essential Components

• Multi-factor authentication (MFA): Requires more than just a password. This might be a code from an authenticator app, a text message, or a hardware token.
• Role-based access: Not everyone should access everything. Engineering might need access to the SCADA system. Maintenance might need access to equipment diagnostics. Vendors might need access only to specific equipment they support.
• Network segmentation: Even with VPN, users shouldn’t have unrestricted access to your entire production network. Segment access so users can only reachthe systems they need.
• Session monitoring and logging: Track who accesses what and when. This creates accountability and helps with troubleshooting and compliance.

Implementation Challenges

• Users complain about the extra authentication steps (which is exactly why they’re necessary)
• Managing access rights as people’s roles change
• Supporting users who have technical difficulties with VPN clients
• Ensuring remote devices are properly secured (antivirus, patches, etc.)

Solution 3: Jump Boxes and Bastion Hosts

A jump box (also called a bastion host) provides a secure intermediate point for remote access to production systems.

How It Works

Instead of allowing direct remote connections to production systems, users connect remotely to a hardened jump box. From there, they access production systems. All activity goes through this controlled, monitored point.

Advantages

• Centralized security: Apply strong security controls at one point instead of every possible endpoint.
• Better logging: All access attempts and activities can be comprehensively logged.
• Legacy system compatibility: The jump box can handle modern authentication and security while connecting to legacy systems that don’t support them.
• Easier to revoke access: Disable someone’s access to the jump box, and they’re immediately cut off from all production systems.

Best Practices

• Keep the jump box highly secure and patched
• Restrict what software can run on it
• Record sessions for audit and troubleshooting purposes
• Limit the number of simultaneous connections
• Monitor for unusual activity patterns

Solution 4: Vendor Remote Access Management

Managing vendor access is one of the biggest remote access challenges. You need vendors to be able to support their equipment, but you don’t want to give them persistent, unmonitored access.

Strategies That Work

• Time-limited access: Grant vendor access for specific support sessions with automatic expiration.
• Escorted access: Requires a staff member to be present (virtually) during vendor sessions.
• Activity monitoring: Record or monitor vendor sessions so you know what they’re doing.
• Isolated access: Limit vendor access to only the systems they need to support, not your entire network.
• Dedicated vendor VPN: Separate VPN infrastructure for vendors with different security policies than employee access.

What Doesn’t Work

• Permanent VPN accounts for vendor technicians who use them once a year
• Generic “vendor” accounts with shared passwords
• Unmonitored vendor access with no audit trail
• Allowing vendors to use their own remote access tools without oversight

The “In Case of Emergency” Scenario

What happens when your primary remote access method fails, and you have an urgent production issue? You need a backup plan.

Secondary Access Methods

• Out-of-band management: Dedicated management interfaces that work even if the primary network is down.
• Cellular backup: Backup internet connection via cellular that can be activated if the primary internet fails.
• Emergency on-site procedures: Clear procedures for who can access the facility after-hours and how they get in.
• Vendor emergency contacts: Pre-established emergency support procedures with critical vendors.

The Challenge of Secure Emergency Access

Emergency access often requires some security compromises for the sake of getting production back online. The key is:

• Limiting who has emergency access capabilities
• Logging all emergency access use
• Reviewing emergency access procedures regularly
• Temporarily tightening security after using emergency access until proper security can be restored

Training and Procedures

Technology alone doesn’t make remote access secure. You need procedures and training:

For Remote Users

• How to connect securely (never from unsecured public WiFi)
• What devices are approved for remote access
• How to recognize social engineering attempts
• What to do if they suspect their credentials are compromised
• Limitations of remote control (when to say “I need to be on-site”)

For On-Site Staff

• How to verify remote access requests
• When to restrict remote access due to safety concerns
• How to assist remote users who need additional information
• Emergency procedures if remote access needs to be cut off

For Management

• How to review access logs and monitor for issues
• How to grant and revoke access appropriately
• Compliance requirements and how they’re being met
• Incident response procedures for remote access security events

Monitoring and Auditing Remote Access

Secure remote access for manufacturing requires ongoing monitoring:

Real-time monitoring:

• Who’s currently connected remotely
• What systems are they accessing
• Any unusual access patterns (logins at odd times, multiple failed attempts, etc.)

Regular audits:

• Review of who has remote access and whether they still need it
• Analysis of access logs for security concerns
• Verification that access controls are working as intended
• Compliance with any regulatory requirements

Automated alerts:

• Failed authentication attempts
• Access to particularly sensitive systems
• Access outside normal hours (if unusual for that user)
• Multiple simultaneous connections from the same account

Making the Business Case

If you’re trying to justify investment in proper remote access infrastructure, focus on these factors:

• Incident response time: How much does it cost when production is down, and the person who can fix it needs two hours to drive to the site? Proper remote access can turn that into 15 minutes.
• Staff efficiency: Engineers and managers spend less time traveling to sites just to check on things or make minor adjustments.
• Vendor support costs: Many vendors charge premium rates for on-site support. Remote support is typically less expensive.
• Risk reduction: The cost of implementing secure remote access is far less than the potential cost of a security incident from poorly secured access.
• Competitive advantage: Being able to respond quickly to issues gives you more reliable production and better customer service.

Implementation Roadmap

If you’re building or improving remote access for production systems:

Phase 1: Assessment

• Document who needs remote access and why
• Identify systems that need to be remotely accessible
• Assess current security posture
• Identify compliance requirements

Phase 2: Infrastructure

• Implement core remote access technology (VPN, jump boxes, etc.)
• Configure network segmentation
• Set up authentication systems with MFA
• Establish logging and monitoring

Phase 3: Access Control

• Define roles and access levels
• Configure granular permissions
• Set up vendor access management
• Create access request and approval workflows

Phase 4: Procedures and Training

• Document remote access procedures
• Train users and administrators
• Establish incident response procedures
• Create audit and review processes

Phase 5: Ongoing Management

• Regular access reviews
• Security updates and patches
• Procedure refinement based on lessons learned
• Compliance audits and reporting

Moving Forward

Secure remote access for manufacturing is not about choosing between security and operational needs. It’s about implementing solutions that enable necessary remote access while managing the risks appropriately.

The manufacturers who do this well have several things in common:

• Clear policies about who can access what remotely and under what conditions
• Strong authentication and authorization controls
• Comprehensive logging and monitoring
• Regular review and maintenance of access permissions
• Training and procedures that help users work securely

Remote access to production systems is no longer optional for most manufacturers. The question is whether you’ll implement it thoughtfully with appropriate security or end up with ad-hoc solutions that create risk. With proper planning and implementation, you can enable the remote access your operations need while keeping your production systems secure.