“Dispel has truly simplified remote SCADA access for the city of Brentwood. The platform is secure, simple to use, and very efficient.”
Sub 30-second connection times to any system they have permission to access, with the tools and multi-monitor feeds they need to do their work unencumbered, and the record keeping needed to clearly show who did what and when.
A standardized way to get Vendors to their equipment in minutes, rather than weeks of wrangling with cybersecurity.
A single system through which remote access can be governed, and the reporting infrastructure needed to keep compliance happy.
The enhancements they need to keep the plant conformant with the latest in cybersecurity and resiliency standards.
An end to the infighting between Operations and IT, and a beginning to meaningful improvements in Uptime, Availability, and Safety.
Good systems are difficult to design, build, maintain, and improve. If you have operational technology in your environment, you are dealing with a system of systems - something an order of magnitude more complex. Your ability to understand, operate, and enhance this system of systems is why you get paid to go to work every day. That’s your mission.
Why is this important? The mission of both Operations and Cybersecurity can more precisely be defined as maximizing Uptime, Availability, and Safety at minimal cost within the constraints of time and individual ability. A good place to start pursuing that mission is to recognize you are dealing with a system of systems; identify what those systems are; and then make sure those systems work well with one another when focused on those three goals.
Enter remote access. As a concept, Operations cares about remote access because of its potential to increase Uptime, Availability, and Safety through the improved responsiveness of team members and minimized count and duration of instances where personnel need to be physically near equipment. As a concept, Cybersecurity cares about remote access because it creates the potential for a breach that could shut down the plant or inflict physical harm on personnel. One side views it as an enabler. The other views it as a concern. Both tend to find an inordinate amount of their time consumed working on, with, or around whatever compromise solution is reached.
We believe remote access should be viewed as a system within a system of systems. With that as the mindset, we built our remote access system from the ground up to cleanly interleave with the Operations and Cybersecurity systems found at utilities, factories, and energy firms. It has taken us over 2,000 conversations with Operations and Cybersecurity professionals, 300,000 hours of work, and no small amount of luck to get where we are today. The result is the product we hope you consider deploying.
Cybersecurity teams tend to advocate for Dispel because it provides the scale, control, tracking, compliance reporting, and moving target defenses they want around anything related to Operations. Operations teams tend to turn to Dispel because it means their crews are able to reach their equipment in seconds with the tools they need to do their job. Management approves Dispel because it is modular, does precisely the tasks for which it was purchased, and is relentlessly improved.
Deployment tends to start with the placement of a piece of hardware onsite between the Internet access point for the facility and whatever security stack (firewalls, usually) is already at the plant. If it is a particularly large facility, or geographically dispersed (a windfarm, for example), we suggest putting hardware next to each subsystem you want to remotely reach. If you happen to have a strong technical team, we can forego the hardware and install the necessary software on a virtual machine instead.
This first phase done, an Administrator can give anyone the ability to remotely access a given piece of equipment for a specified timeframe through the Dispel management console. Alternatively, for those of you with a firmwide access control system, the process of granting and revoking device-specific access can be as straightforward as linking your Dispel deployment to the access control server.
Features and modules like livestreaming, session recording, multimonitor viewing, time-based access control, user-specific whitelisting, equipment-specific maintenance workstations, SIEM hookups, unidirectional gateways, and patch staging servers exist because some situations call for them. We provide a longer list below.
Choose a system that was built for your mission. Deploy Dispel.