At least four remote access tools have been implemented across the operational technology environments of 55% of organizations, some of which have up to 16 of such tools, potentially resulting not only in an expanded attack surface but also visibility and identity management challenges, according to SecurityWeek.
Seventy-nine percent of organizations also had OT networks with more than a pair of non-enterprise-grade remote access tools, which usually lack role-based access controls, auditing, multi-factor authentication, and session recording capabilities, as well as timely security fixes, a report from Claroty showed. Aside from raised security concerns, excessive remote access tools in OT environments have also brought about operational issues, including increased costs, reduced monitoring and detection efficiency, and inferior threat response efforts, noted Claroty researchers. "Missing centralized controls and security policy enforcement opens the door to misconfigurations and deployment mistakes, and inconsistent security policies that create exploitable exposures," said Claroty.
