IIoT Security for Electrical Wholesalers: Mitigating the Risks of Industry 4.0

Every week, more low-cost sensors, devices, and analytics platforms hit the market. This is the Industrial Internet of Things (IIoT) — industrial equipment that tracks its own data, connects to a network, and transforms information into insight. And IIoT isn’t limited to high-profile use cases like smart manufacturing or asset tracking in the supply chain. It can also help electrical wholesalers improve efficiency, make better operating decisions, and cut costs across a broad range of activities.

IIoT Security for Electrical Wholesalers Mitigating the Risks of Industry 4.0 (1)

Take the example of cut-to-length cable distribution. Many cable and wire suppliers struggle to manage orders, track inventory, and update order data with customers. IIoT solutions like the BHS Spool Winding Trolley (SWT-IIoT) digitize and even automate these tasks, thanks to a suite of embedded sensors that connect with cloud-based portals for managers and operators alike.

Managers can pre-program orders, assigning them to individual workstations. As operators fill the order, digital cable counters track every foot of product. The SWT-IIoT’s overhead rim drive makes this process safe and efficient. Customizable reporting provides total process visibility, so you can manage according to hard data, not guesswork.

IIoT solutions like the SWT-IIoT are spreading throughout industry, creating a strong competitive edge for electrical distributors. Even if you don’t use IIoT, odds are your competitors will. The global market size for IIoT products is expected to grow from its 2020 value of over $216 billion to more than $1 trillion by 2028, reflecting a tremendous rate of adoption.

However, the remarkable benefits of IIoT rely on connectivity. This connectivity raises the threat of infiltration — and core business data is the last thing you want falling into the wrong hands. As you roll out connected devices in your distributorship, factor cybersecurity into ROI calculations. Here’s what innovative distributors of cable, wire, and electrical components need to know about IIoT security.

IIoT Security Advice from the Department of Homeland Security

According to a 2019 report from the Public-Private Analytic Exchange, operated by the Department of Homeland Security (DHS), risk management for IIoT systems includes four best practices for cybersecurity more broadly. These include:

1. Create and maintain a detailed inventory of IIoT assets.

The first step to controlling access to your IIoT systems is to know what’s there. That includes each device or sensor. It also includes hardware, software, and firmware — along with the versions of each you’re currently running. Your IIoT inventory provides a guide for later risk-mitigation steps, and can help you identify where security flaws reside, if any show up during later testing.

2. Run periodic security tests on all IIoT components.

Penetration testing, or pentesting, is a safely simulated attack on your IT systems. Cybersecurity specialists run these tests, essentially attempting to hack your systems before a harmful actor can. That reveals vulnerabilities and gives you a chance to remove them before they become a threat. Between pentesting exercises, use IT tools or third-party firms to run security scans that assess your IIoT infrastructure for potential vulnerabilities. The goal is to be proactive, not reactive, to cybersecurity threats.

3. Stay current with software updates.

Not all IIoT software updates automatically, and out-of-date software is a common security vulnerability. This is where your IIoT inventory will come in handy. Periodically check in with all IIoT vendors and manufacturers to check for security patches. Update software with these patches as soon as they’re released.

4. Monitor potential access points for your IIoT devices.

Cybercriminals use publicly available tools to hunt for vulnerable IIoT systems; you can do the same, seeing if your IIoT assets are showing up in the places malevolent actors search for them. Look for your own systems on services like Shodan.io, an IoT search engine. You can also check workplace email addresses and business phones on sites like haveibeenpwned.com, which let you know if the identifying information you list has been included in large-scale data breaches.

As you may have noticed, these four principles of cybersecurity do require some level of IT investment. Small and mid-size electrical wholesalers may not have enough IT resources to devote to high-level pentesting every other week. The good news is that there’s one thing every IIoT user can do to harden their systems against attack without any level of IT expertise: Manage authentication wisely.

Managing IIoT Access for Greater Cybersecurity

In 2021, 89% of web-application hacking attacks involved illicit use of credentials, either cracking log-in data through brute force attacks or stealing them outright. (That’s according to the Verizon 2021 Data Breach Investigations Report.) One of the simplest and most powerful ways to improve IIoT security is to harden login authentication.

The first step is to change default user IDs and passwords as soon as you have control over them. That may sound obvious, but many first-time IIoT users put this task off for days or even weeks. Use strong passwords, with at least 12 characters, a combination of numbers, special characters, and uppercase and lowercase letters. Avoid common keyboard patterns (like qwerty) and recognizable words. Don’t use passwords you’ve used in the past.

The second step — and arguably the most powerful protection against credential theft — is to enable two-factor authentication. Wherever your IIoT systems allow this defense, use it. Two-factor authentication requires a unique code, sent to a device other than the one you’re using to log into a system. For instance, you might have a code texted to your cellphone in addition to entering a username and password.

This makes it a lot harder for unauthorized users to breach your system; they would need not just your login credentials, but also physical access to the secondary device. Two-factor authentication is key to protecting not just IIoT systems, but any workplace IT environment that must remain secure.

If you can’t invest in broader cybersecurity measures, start by changing login credentials, using strong passwords, and enabling two-factor authentication. If you’re building an IIoT system from the ground up, however, you have access to the latest generation of secure network infrastructures. We’ll explore these in the next section.

Secure IIoT Computing Architectures

There’s no shortage of IIoT platforms and service providers, and many of these create their own network infrastructure. Here are some of the latest advances in secure network architecture for IIoT systems.

1. Localized Micro Cloud Networks

The “cloud” is just a set of servers that reside somewhere else, and cloud-based IIoT systems provide a lot of value for users. They allow you to access systems from anywhere with an internet connection. They offload the responsibility of server security to dedicated experts. But these clouds, by definition, connect with a broader commercial internet. It’s hard to completely eliminate vulnerability with these connections in place.

One alternative is to set up a local micro cloud for your IIoT systems. These clouds rely on edge servers, small data storage centers near or even built into data sensors themselves. Each edge device connects to the next. They all share data. But they’re not always connected to the broader commercial cloud. (They may sometimes connect to update systems, or to train machine learning systems — but these are brief, episodic connections.)

Some of these systems can process data or even run applications on these edge servers. It’s essentially a localized internet, with networks running on or near the devices that gather the data.

2. Zero-Trust Architecture

Firewalls are an established cybersecurity tool; they control access between one network and another. Most firewalls protect the entire localized network. It’s like one big fence, and once you’re inside, access to everything within the system is easier to gain. Increasingly, IIoT architecture is moving toward zero-trust architecture, which defends not just entire networks, but each individual resource contained therein. It doesn’t assume that a user can be trusted with multiple resources, even if they’re authorized to access one of them.

Network-perimeter security is like a home with a single door, and no locks on the inside. Zero-trust architecture is more like a hotel: Every room has its own key. Within your system, every resource, every component, every API, needs its own authentication before providing access.

To return to our house metaphor, that means some occupants can enter the building, but not every room. In such an architecture, you can provide every user only with access to the components of your system they need to do their jobs, building a more secure system overall.

3. Distributed Ledgers in Decentralized IIoT Systems

Decentralization is a growing trend in IIoT infrastructure. Rather than storing all data in a central server (local or cloud-based), these systems use far edge devices to store, transfer, and process data. That frees you from reliance on gatekeepers and third-party service providers.

Security in a distributed system may depend on a distributed ledger, a technology similar to blockchain. This inviolable ledger creates a track record of all data transactions within the network. That makes it easy to spot vulnerabilities and improper data handling events — including threats and vulnerabilities. If there’s a missing link, everyone with access to the ledger can recognize that something’s gone wrong — and you can configure systems to reject suspect transactions.

Adopting Secure IIoT in the Electrical Distribution Industry

Most electrical wholesalers probably aren’t building broad-spectrum IIoT systems from scratch — yet. But that doesn’t mean you can’t start getting the benefits of IIoT today. Start in one area of your business, collect the data, then expand your IIoT infrastructure.

The Spool Winding Trolley-IIoT from BHS is an ideal way to bring IIoT to your business without overhauling your IT systems entirely. It’s an enclosed information environment, sharing sensor data through the secure BHS Industrial Internet of Things Portal. Our systems handle IIoT security from end to end, so all you have to do is access the user interface and start automating key processes in your cut-to-length cable distribution operation.

To discuss the Spool Winding Trolley-IIoT and other solutions for more efficient electrical distribution, contact BHS at 1.800.BHS.9500 today.