I have a question for the community about what you are seeing in industry.
I would like to implement individual user logins for all the operators but am getting a little pushback from operations. How is everyone handling user accounts? With the push towards cybersecurity and our plans of moving to ISA 62443 compliance, I see it as a necessity. Operations is worried about the time it will take for one user to log off and the new user to log on. I feel it not only strengthens the security but also allows us to more accurately audit events and provides user accountability.
We will be using mostly thin clients and virtual sessions for our operators in the control room so I was wondering if anyone has successfully implemented badge readers on thin clients as well.
In reply to Matt Wicks:
In reply to David Nelson:
It sounds like everyone agrees that the principle is sound, but the execution may be problematic.
Regarding an operator's ability to mechanically bypass process equipment, I am certain that more and more facilities are installing security cameras for the specific purpose of 'auditing' personnel activity in the physical world. Before long, industrial wearable technologies will be prolific, creating tremendous benefit to operations, but also facilitating greater oversight and accountability.
If individual passwords are a problem (I guess it depends on the industry, as every life sciences site I have ever seen employs individual log-ins, but they may have less need to react lightning-fast to process disturbances), DeltaV does support smart cards to make things easier.
http://www3.emersonprocess.com/systems/support/bol1231/c_smart_cards.html