The latest incidents at Facebook and the growing threat of cyber-attack bring the serious nature of data protection and data security sharply into focus. Customers using MindSphere are also concerned to know what Siemens is doing to safeguard their data and protect their private sphere from attack. We talked about this burning issue with Ralf Michael Wagner, in charge of business with the Siemens Internet of Things operating system.
What concerns do Siemens customers have when it comes to the security of their data in MindSphere?
Ralf Michael Wagner: There’s still quite a lot of uncertainty surrounding the whole data security issue among customers. We’ve returned to the situation which existed at the start of the Internet age, when there was a widely held view that data was safer kept within the confines of a company rather than in the cloud. This can be the case, but it doesn’t have to be. It depends upon what data we’re talking about. These are precisely the kinds of points we need to discuss with customers and advise them on.
Would you advise the skeptics to wait and see how the whole situation develops?
Wagner: No matter what size a company is, to maintain a strong competitive position there is no way around digitalization and the use of cloud solutions. So it makes sense to embrace it at an early stage, for instance working on smaller-scale projects whose data is not critical. This provides an opportunity to gather experience and gain confidence. Let’s take an example from the private sphere: Sending data about the fill level of my brake fluid or oil to the cloud can’t possibly be considered sensitive, whereas my destination might be.
What’s the most important argument you present to convince customers that MindSphere is secure?
Wagner: We take data security very seriously, as we’re aware that cybersecurity represents a major challenge and a key competitive factor in a digitalized economy. Cybersecurity has to be seen as integral to the architecture of a system which overarches the entire value chain and spans the complete life cycle of a product. This is the approach Siemens has taken in the development and maintenance of MindSphere.
What exactly do you mean by that?
Wagner: We deploy a multi-layered concept to protect industrial plants. In practice, this means always combining different measures such as encryption, protected access and so on. We call this concept Defense in Depth, and it encompasses plant security, network security and system integrity. The same concept is used for our IT and production plants. After all, however many security systems you have in place, they are of no use if the password is available for all to see on a post-it next to the monitor, or access to the building isn’t properly secured. We also offer our customers a comprehensive portfolio to minimize risk in the form of our Industrial Security Services. All these aspects, when taken together, reduce the risk of unauthorized access to a minimum. Industrial Security is a core element of the Digital Enterprise Suite, the Siemens solution for companies on the route to Industrie 4.0.
What is Siemens doing in concrete terms to ensure that MindSphere is secure?
Wagner: We rely on encrypted communication and state-of-the-art encryption methods for data capture and transfer, and also on the use of certified data centers for data processing and storage. The security methods in place correspond to the standards customary in industry, in other words the recognized and certified standards ISO/IEC 27001 and IEC 62443. As we always deploy the very latest cybersecurity technologies, the level of security we provide is excellent. In addition, MindSphere is under continuous surveillance for suspicious behavior by experts using special software tools. They are also supported by our own team of “hackers” who are continuously on the search for potential vulnerability.
Does Siemens work with specific partners?
Wagner: When it comes to data storage, we work in association with partners such as Amazon Web Services, Microsoft Azure and SAP. The data is managed in their computing centers. Each of these associates operates to the very latest security standards and offers an extremely high level of security. They have hundreds if not thousands of employees working day to day on data security – after all, it’s integral to their business model.
What’s the situation with the MindApps developed by customers themselves?
Wagner: It makes no difference whether we develop the MindApp ourselves, or whether this is done by the customer or a service provider: Every app is verified by us before it goes productive. This is comparable to a certain degree with the Apple AppStore or Google Play Store.
Some customers are concerned about their private sphere being breached. What’s the situation as regards to data privacy?
Wagner: First of all, it’s important that customers realize they’re free to decide themselves just where their cloud operates. Secondly, data belonging to different customers is strictly segregated in the cloud, and it remains the sole property of our customers. We don’t touch the domain knowledge of our different customers at all. This is something Member of the Managing Board Klaus Helmrich has repeatedly emphasized.
Do your arguments win over the skeptics?
Wagner: This was clearly shown to be the case at the last few trade fairs. The number of those still remaining hard necked skeptics is melting away like the snow in spring. I firmly believe that we have convincing and sound arguments to offer in the face of doubts about security.
04, 27, 2018
Industrial security is a key element of Digital Enterprise, the Siemens solution on the route to Industry 4.0, the fourth industrial revolution. With Defense in Depth, Siemens offers a multi-layer concept providing both complete and in-depth protection for plants. The concept is based on plant security, network security and system integrity in accordance with the recommendations of IEC 62443.
Stay up to date at all times: everything you need to know about electrification, automation, and digitalization.
It looks like you are using a browser that is not fully supported. Please note that there might be constraints on site display and usability. For the best experience we suggest that you download the newest version of a supported browser: