Tosibox Blog

Secure SCADA Connectivity for Water Districts

Written by Tosibox | Jun 28, 2022 10:25:12 AM

If you operate in or adjacent to any municipal water or wastewater districts, you received notice from WaterISAC, in conjunction with CISA and DHS, recommending immediate action to secure your critical infrastructure. More information on that is here.

If you’ve been following along, you already know Tosibox meets the WaterISAC/CISA/DHS cybersecurity recommendations in water and all other sectors. If you haven’t, I recommend our previous blog on this exact topic. You might not know that in addition to eliminating cybersecurity risk, Tosibox's automated infrastructure reduces the cost and complexity for connecting dispersed SCADA systems. 

 

 Consider the needs of a hypothetical, medium-sized water/wastewater district. They have a single SCADA instance running on a local workstation. This workstation runs both the water and wastewater sides, so it must communicate with various well sites, pump stations, tanks, filter plants, lift stations, and treatment plants. These dispersed control systems are most commonly connected through one of two methods. The first is IP radios. Not only expensive, but radios are also functionally prohibitive since they rely online-of-site communication. Furthermore, they provide only one channel for communication. If a remote radio (or worse still, the central master radio) goes down for any reason, comms to that site is eliminated until the connection is repaired. Redundancy is a requirement for any mission-critical system. Forget not the Navy SEAL credo, “Two is one, and one is none.”

 

If not radios, remote connections are often made with manually-created cellular APNs. This introduces complexity which introduces risk. Expertise is required to properly connect these assets AND to configure their cybersecurity profile. The potential for human error is drastically increased, as is the cybersecurity risk and potential for system downtime. 

 

Secure connectivity and easy deployment

Using Tosibox’s automated connection platform, that same municipality can securely connect all their dispersed assets to a central SCADA server without any IT expertise or risk of human error. Whether they want to host on-prem or upgrade to a Tier 4, SOC 2 remote data center, Tosibox automates SCADA infrastructure to eliminate the complexity and cybersecurity risk of traditional connection methods. Disruptive pricing allows systems admins to overhaul their SCADA comms and improve their cyber posture with no upfront cost for less than a monthly P-card limit. 

 

Through automation, Tosibox has eliminated the cost, complexity, and cybersecurity risk of connecting modern SCADA systems to municipalities. Legacy networking systems that limit functionality and introduce cyber vulnerability are being replaced by a modern solution that automates what used to take expert days or weeks to create.

 

Reach out to see why systems admins all over the country trust their district’s critical infrastructure to Tosibox.

Blog post is written by Skylar Dhaese - OT Network engineer helping integrators and manufacturers monetize their digital transformation.