ICS networks are more connected than ever – both to corporate networks and to the external world. Enforcing secure authentication to sensitive systems like Engineering Workstations, supervisory stations, and various operational servers is a critical security measure to prevent unauthorized access and identity-based attacks. However, mainstream Multi-Factor Authentication solutions (MFA) can hardly be deployed in these environments – either because they require software agents on each protected system, deployment of inline proxies in OT networks, or code changes to sensitive systems. In many cases there is no support for legacy systems that are commonly found in these environments.

Seamlessly Enforcing MFA On Access To Sensitive SCADA Servers

Critical SCADA servers must be available 24/7. As such, it’s impossible to deploy software agents or proxies to enforce secure authentication. In addition, many OT vendors condition warranty and support only if no 3rd-party software is installed on their systems.
Silverfort’s agentless MFA technology can seamlessly enforce MFA on access to critical OT servers, IT infrastructure, IIOT devices, file shares, databases and more. Silverfort enables a unified authentication solution across all IT, OT and cloud environments.

Continuous Risk Analysis

Thanks to its ability to monitor access requests of all users and machine accounts, Silverfort automatically identifies vulnerabilities and risks, including the use of weak authentication protocols, stale accounts and devices, old or expired passwords, shared accounts and more. It also uses machine learning to analyze user behavior, in search of anomalies and attack patterns. This allows Silverfort to detect and stop identity-related threats, including account takeover, lateral movement, ransomware and brute-force attacks.

AI-Driven Authentication Across All Systems and Environments

Silverfort delivers adaptive risk-based authentication across entire corporate networks and cloud environments, without deploying any software agents or inline proxies.
Unlike other solutions that require integration with individual systems – an impossible task in large and dynamic networks – Silverfort’s technology seamlessly enables adaptive authentication for all sensitive systems across all environments. This results in unparalleled accuracy, allowing organizations to improve security while avoiding disruptions to users.

Holistic visibility and Auditing

Silverfort provides consolidated auditing of user activity across all systems and environments. This helps financial organizations comply with regulatory as well as internal auditing requirements. It also helps them to achieve least privileges as part of periodic entitlement reviews, by clearly showing which entitlements are being used and which are redundant.