Digital Bond » Control System Data on Your Blackberry, iPhone, …

by Dale Peterson

I’m out at the OSIsoft T&D Users Group in Portland this week. Transpara, one of the OSIsoft partners, is showing PI displays sent to Blackberries, iPhones and other mobile devices. People were walking up with their phones and getting demo’s right on their phones. Essentially you navigate to a web page on a web server and download your display, after authenticating and having the required authorization.

Transpara is taking the position that the connectivity and security of access to the web server is the end user’s decision. You can require VPN’s, strong authentication, … You can leverage integration with the Blackberry Enterprise Server and Active Directory. All Transpara cares about is that you can get to their web server somewhere on the asset owner’s network, which gets process data and kpi from PI.

Now I know there will be a tendency for many to say this is terrible – - process data sent over the Internet and mobile networks. Others will say this is cool and I need it now.

The real answer is it depends.

Is there a true business need for this information to be available anytime/anywhere on a mobile device? What would be the impact if the data is disclosed? Does it have short term value? Long term value? Is it business sensitive? Would it aid an attacker if known? What is the likelihood of compromise? Where is the web server located? What is the security between the mobile device and the web server? What is the security of the mobile device?

We would focus on the true need for this info and the impact if this info is lost. We then would see if security controls could be put in place to reduce the risk to an acceptable level.

Source: Digital Bond » Control System Data on Your Blackberry, iPhone, …