Eaton LoadStar-S JSB Mounting And Operating Instruction page 93

Account Management
Time Synchronization
Network Security
Logging and Event Management
Secure Maintenance
Business Continuity / Cybersecurity Disaster Recovery
Sensitive Information Disclosure

Mounting- and Operating Instruction Eaton LoadStar-S JSB 40071860396 March 2021 www.ceag.de

Account Management
Logical access to the system/device should be restricted to legitimate users, who should be assigned
only the privileges necessary for their job roles and functions. Some of the following best practices
may need to be implemented by incorporating them into the organization's written policies:
- Change the default credentials at first login. LoadStar-S must not be deployed in production with
default credentials, because default credentials are publicly known.
- No account sharing: provision each user a unique account rather than sharing accounts and passwords.
The product's security monitoring and logging features are designed on the assumption that each user
has a unique account; shared credentials make log entries unattributable and weaken security.
- Restrict administrative privileges: attackers seek to obtain legitimate credentials, especially those of
highly privileged accounts. Assign administrative privileges only to accounts specifically designated for
administrative duties, and do not use those accounts for regular work.
- Use the roles and access privileges to give users tiered access according to business and operational
need, following the principle of least privilege (allocate the minimum authority level and access to
system resources that the role requires).
- Perform periodic account maintenance (remove unused accounts).
- Set password length, complexity and expiration requirements appropriately, particularly for all
administrative accounts (e.g., minimum 10 characters, a mix of upper- and lower-case letters and special
characters, and expiry every 90 days, or otherwise in accordance with your organization's policies).
- Enforce a session time-out after a period of inactivity.
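A periodic account-hygiene check implementing the points above, added here as an example; it is not Eaton code. LoadStar-S documents no account export, so the inventory, the role names, the set of designated administrative accounts and the 90-day inactivity limit are assumptions; the password numbers follow the manual's example.

```python
"""Account-hygiene audit for a device's local user list (added example, not Eaton code).

The policy numbers (10 characters, mixed case, special character, 90-day expiry)
follow the manual's example; the 90-day inactivity limit, the role names, the
designated-admin set and the inventory below are assumptions, since LoadStar-S
documents no account export.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple

MIN_LENGTH = 10
MAX_PASSWORD_AGE = timedelta(days=90)
MAX_INACTIVITY = timedelta(days=90)   # assumption: an account unused for 90 days is stale
ADMIN_ROLE = "admin"                  # hypothetical role name
DESIGNATED_ADMINS = {"admin"}         # accounts approved for administrative duties (assumption)


def check_new_password(password: str) -> List[str]:
    """Enforce the password policy at the moment a password is set; returns the failures."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append(f"fewer than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in password):
        failures.append("no upper-case letter")
    if not any(c.islower() for c in password):
        failures.append("no lower-case letter")
    if not any(not c.isalnum() for c in password):
        failures.append("no special character")
    return failures


@dataclass
class Account:
    name: str
    role: str                   # e.g. "admin", "operator", "viewer" (hypothetical)
    password_set: date          # date the current password was set
    last_login: Optional[date]  # None = never logged in
    default_password: bool      # still on the factory credential?


def audit_accounts(accounts: List[Account], today: date) -> List[Tuple[str, str]]:
    """Return (account, finding) pairs for every policy violation in the inventory."""
    findings = []
    for a in accounts:
        if a.default_password:
            findings.append((a.name, "factory default credential still in use; change it now"))
        if a.role == ADMIN_ROLE and a.name not in DESIGNATED_ADMINS:
            findings.append((a.name, "administrative privilege on a non-designated account"))
        if today - a.password_set > MAX_PASSWORD_AGE:
            findings.append((a.name, "password older than 90 days; expire it"))
        if a.last_login is None or today - a.last_login > MAX_INACTIVITY:
            findings.append((a.name, "no login in 90 days; remove if no longer needed"))
    return findings


# Constructed inventory and audit date for a stand-alone run.
TODAY = date(2021, 3, 15)
INVENTORY = [
    Account("admin", "admin", date(2021, 3, 1), date(2021, 3, 14), default_password=True),
    Account("ops-jdoe", "admin", date(2020, 11, 1), date(2021, 3, 12), default_password=False),
    Account("viewer-old", "viewer", date(2021, 1, 5), None, default_password=False),
    Account("ops-msmith", "operator", date(2021, 2, 1), date(2021, 3, 10), default_password=False),
]

if __name__ == "__main__":
    for name, finding in audit_accounts(INVENTORY, TODAY):
        print(f"{name}: {finding}")
```

Run against the constructed inventory, the audit flags the untouched default account, an operator who was quietly given the admin role and whose password is four months old, and a viewer account that has never been used; the one account set up and used as intended produces no finding.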

Time Synchronization
Many operations in power grids and IT networks depend heavily on precise timing information; accurate
time is also what makes log timestamps correlatable across devices and lets certificate validity periods
be checked correctly.
- Ensure the system clock is synchronized with an authoritative time source (by manual configuration,
NTP, SNTP, or IEEE 1588).
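A clock check over SNTP, added as an example; it is not Eaton code, and the manual does not describe the LoadStar-S time client itself. It builds an SNTP v4 request, validates the reply (server mode, synchronized stratum, and an originate timestamp that echoes what was sent, so an injected or stale reply is rejected) and applies the RFC 4330 offset and delay formulas. The reply bytes are constructed so the check runs offline; the one-second tolerance and the server name in the live query are assumptions.

```python
"""Check a clock against an authoritative source over SNTP (added example, not Eaton code).

Shows an SNTP v4 request, validation of the reply (server mode, synchronized
stratum, originate timestamp matching our request) and the offset/delay
formulas of RFC 4330. The reply used for the stand-alone run is constructed so
nothing is contacted; the one-second tolerance is an assumption.
"""
import socket
import struct
import time
from typing import Dict

NTP_UNIX_DELTA = 2208988800   # seconds from the NTP epoch (1900) to the Unix epoch (1970)
PACKET_LEN = 48
TOLERANCE_S = 1.0              # assumed acceptable clock offset


def to_ntp(unix_seconds: float) -> bytes:
    """Unix time -> 64-bit NTP timestamp (32-bit seconds, 32-bit fraction)."""
    whole = int(unix_seconds)
    frac = int((unix_seconds - whole) * 2**32)
    return struct.pack("!II", (whole + NTP_UNIX_DELTA) & 0xFFFFFFFF, frac)


def from_ntp(raw: bytes) -> float:
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_UNIX_DELTA + frac / 2**32


def build_request(t1_unix: float) -> bytes:
    # First byte: LI=0, VN=4, Mode=3 (client). Transmit timestamp occupies bytes 40..47.
    return bytes([0x23]) + bytes(39) + to_ntp(t1_unix)


def parse_reply(reply: bytes, request: bytes, t4_unix: float) -> Dict[str, float]:
    """Validate a server reply; return offset (server clock minus ours) and round-trip delay."""
    if len(reply) < PACKET_LEN:
        raise ValueError("short SNTP reply")
    leap, mode, stratum = reply[0] >> 6, reply[0] & 0x07, reply[1]
    if mode != 4:
        raise ValueError(f"not a server reply (mode {mode})")
    if leap == 3 or stratum == 0 or stratum > 15:
        raise ValueError("server is unsynchronized or sent a kiss-o'-death")
    # The originate field must echo our transmit timestamp; otherwise the reply is
    # stale or was injected by someone who never saw our request.
    if reply[24:32] != request[40:48]:
        raise ValueError("originate timestamp does not match our request")
    t1 = from_ntp(request[40:48])   # we sent
    t2 = from_ntp(reply[32:40])     # server received
    t3 = from_ntp(reply[40:48])     # server sent
    t4 = t4_unix                    # we received
    return {
        "offset": ((t2 - t1) + (t3 - t4)) / 2,
        "delay": (t4 - t1) - (t3 - t2),
        "stratum": stratum,
    }


def clock_ok(result: Dict[str, float], tolerance: float = TOLERANCE_S) -> bool:
    return abs(result["offset"]) <= tolerance


def make_server_reply(request: bytes, t2_unix: float, t3_unix: float, stratum: int = 2) -> bytes:
    """Constructed stratum-2 reply for offline use (no server is contacted)."""
    header = bytes([0x24, stratum, 6, 0xEC])       # LI=0 VN=4 Mode=4, poll 2^6, precision -20
    root = bytes(12)                                # root delay, root dispersion, reference id
    return (header + root + to_ntp(t2_unix - 16)   # reference timestamp
            + request[40:48]                        # originate = our transmit timestamp
            + to_ntp(t2_unix) + to_ntp(t3_unix))


def query(server: str = "pool.ntp.org", timeout: float = 2.0) -> Dict[str, float]:
    """Live query (needs network; server name is an assumption). Same validation as above."""
    request = build_request(time.time())
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(request, (server, 123))
        reply, _ = sock.recvfrom(PACKET_LEN)
    return parse_reply(reply, request, time.time())


if __name__ == "__main__":
    # Offline walk-through: our clock is 0.5 s behind the server, 0.1 s each way on the wire.
    t1 = 1615000000.0
    req = build_request(t1)
    res = parse_reply(make_server_reply(req, t1 + 0.6, t1 + 0.65), req, t1 + 0.25)
    print(f"offset {res['offset']:+.3f} s, delay {res['delay']:.3f} s, ok={clock_ok(res)}")
```

Unauthenticated SNTP still lets an on-path attacker step the clock, which is why the manual's segmentation advice matters for the time source as well: reach it only over an allowed path, and treat a sudden large offset as an event to log rather than silently apply.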

Network Security
LoadStar-S supports network communication with other devices in its environment. This capability can
present risks if it is not configured securely. The following are Eaton's recommended best practices for
securing the network. Additional information about network protection strategies is available in Eaton
Cybersecurity Considerations for Electrical Distribution Systems [R1].
Eaton recommends segmenting networks into logical enclaves, denying traffic between segments except
that which is specifically allowed, and restricting communication to host-to-host paths (for example,
using router ACLs and firewall rules). This protects sensitive information and critical services and creates
additional barriers in the event of a network perimeter breach. At a minimum, a utility Industrial Control
Systems network should be segmented into a three-tiered architecture (as recommended by NIST SP
800-82 [R3]) for better security control.
Communication Protection: LoadStar-S provides the option to encrypt its network communications.
Ensure that the encryption options are enabled; the product's communication capabilities are secured by
following the steps in this manual.
Eaton recommends opening only those ports that are required for operation and protecting network
communication with network protection systems such as firewalls and intrusion detection / intrusion
prevention systems. Use the information below to configure firewall rules that allow the access LoadStar-S
needs to operate:
- Web server: TCP port 443 (HTTPS).
- MQTT: the operator can select any port; allow only the port actually configured.
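The host-to-host allow-list described above, written out as an nftables ruleset for the firewall that forwards traffic between the LoadStar-S segment and the other segments, generated and sanity-checked by a Python script. This is an added example, not Eaton's configuration: the addresses, the enclave layout and MQTT port 8883 are assumptions (the manual fixes only TCP 443 and leaves the MQTT port to the operator). The lint step rejects the two mistakes that most often undo segmentation, a subnet or any-address rule in place of a host, and a port the device does not need.

```python
"""Generate and lint a host-to-host nftables allow-list for a LoadStar-S enclave.

Added example, not Eaton configuration. The addresses, the enclave layout and
MQTT port 8883 are assumptions; the manual fixes only TCP 443 and leaves the
MQTT port to the operator. Intended for the firewall that forwards traffic
between the device segment and the other segments.
"""
import ipaddress
from typing import List, Tuple

DEVICE = "10.10.20.5"               # constructed LoadStar-S address (control-system segment)
MQTT_PORT = 8883                    # the operator-chosen MQTT port (assumed)
REQUIRED_PORTS = {443, MQTT_PORT}   # the only ports the manual says are needed

Path = Tuple[str, str, int, str]    # (source host, destination host, TCP port, purpose)

# Constructed allow-list: every permitted host-to-host path, and nothing else.
ALLOWED_PATHS: List[Path] = [
    ("10.10.10.20", DEVICE, 443, "engineering workstation -> web UI"),
    ("10.10.10.21", DEVICE, 443, "second engineering workstation -> web UI"),
    (DEVICE, "10.10.30.7", MQTT_PORT, "device -> MQTT broker in the DMZ segment"),
]


def lint_paths(paths: List[Path]) -> List[str]:
    """Reject anything that is not a single-host path, on a required port, involving the device."""
    problems = []
    for src, dst, port, purpose in paths:
        for end in (src, dst):
            if ipaddress.ip_network(end, strict=False).num_addresses != 1:
                problems.append(f"{purpose}: {end} is a range, not a single host")
        if port not in REQUIRED_PORTS:
            problems.append(f"{purpose}: port {port} is not required for LoadStar-S")
        if DEVICE not in (src, dst):
            problems.append(f"{purpose}: path does not involve the device")
    return problems


def nft_ruleset(paths: List[Path]) -> str:
    """Render the allow-list as an nftables forward chain with a default drop."""
    problems = lint_paths(paths)
    if problems:
        raise ValueError("; ".join(problems))
    lines = [
        "table inet loadstar_enclave {",
        "  chain forward {",
        "    type filter hook forward priority 0; policy drop;",
        "    ct state invalid drop",
        "    ct state established,related accept",   # replies to allowed connections only
    ]
    for src, dst, port, purpose in paths:
        lines.append(f'    ip saddr {src} ip daddr {dst} tcp dport {port} accept comment "{purpose}"')
    # Everything else is dropped and logged, so the SIEM sees attempted lateral movement.
    lines.append('    log prefix "loadstar-drop: " drop')
    lines += ["  }", "}"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(nft_ruleset(ALLOWED_PATHS), end="")   # pipe into: nft -f -
```

The generated table has no accept for the device's unencrypted MQTT default (1883) or for any host not named in the list; a rule such as `("10.10.10.0/24", DEVICE, 80, ...)` is refused twice, once for the subnet and once for the port.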

Logging and Event Management
- Eaton recommends logging all relevant system and application events, including all administrative and
maintenance activities.
- Protect logs from tampering and other risks to their integrity (for example, by restricting the permissions
to access and modify logs, and by transmitting logs to a security information and event management
(SIEM) system).
- Retain logs for a reasonable and appropriate length of time.
- Review the logs regularly. The review frequency should be reasonable, taking into account the sensitivity
and criticality of the system/device and of any data it processes.
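Tamper-evident storage of forwarded log entries on the collector side, added as an example; it is not Eaton code, and the log lines are constructed in a generic syslog-like shape rather than the LoadStar-S format. Each entry is chained to the previous one with an HMAC under a key that exists only on the collector, so someone who can edit or delete stored entries but does not hold the key breaks the chain; the latest MAC is kept separately so that truncation of the tail is caught too. A small filter picks out the administrative, maintenance and failed-login events for the periodic review the manual asks for.

```python
"""Tamper-evident chaining of forwarded log entries (added example, not Eaton code).

Runs on the log collector / SIEM: each stored entry carries an HMAC over the
previous entry's HMAC and its own text. Editing, reordering or deleting an
entry breaks every HMAC after it; keeping the latest HMAC (the "head") in a
separate, access-controlled place also catches truncation of the tail.
The key must live only on the collector, never on the device or admin hosts.
"""
import hashlib
import hmac
from typing import List, Optional, Tuple

SIGNING_KEY = b"constructed-demo-key-use-a-random-32-byte-key-in-production"  # assumption
GENESIS = b"\x00" * 32  # "previous MAC" for the first entry

# Constructed sample lines; the real LoadStar-S log format is not documented here.
SAMPLE_LOG = [
    "2021-03-15T08:01:12Z loadstar-s auth: user=ops-jdoe login success src=10.10.10.20",
    "2021-03-15T08:03:40Z loadstar-s config: user=admin changed mqtt.port old=1883 new=8883",
    "2021-03-15T08:05:02Z loadstar-s auth: user=admin login failure src=10.10.10.99",
    "2021-03-15T08:05:09Z loadstar-s auth: user=admin login failure src=10.10.10.99",
    "2021-03-15T09:00:00Z loadstar-s maint: user=admin firmware update started",
]

Entry = Tuple[str, str]  # (log line, hex HMAC)


def _mac(key: bytes, prev: bytes, line: str) -> bytes:
    return hmac.new(key, prev + line.encode("utf-8"), hashlib.sha256).digest()


def chain(lines: List[str], key: bytes, prev: bytes = GENESIS) -> List[Entry]:
    """Append time: compute the chained HMAC for each new line, in arrival order."""
    entries = []
    for line in lines:
        mac = _mac(key, prev, line)
        entries.append((line, mac.hex()))
        prev = mac
    return entries


def verify(entries: List[Entry], key: bytes, head: Optional[str] = None) -> Optional[int]:
    """Review time: index of the first bad entry; len(entries) if the stored head
    was not reached (tail truncated); None if the chain is intact."""
    prev = GENESIS
    for i, (line, mac_hex) in enumerate(entries):
        expected = _mac(key, prev, line)
        if not hmac.compare_digest(expected.hex(), mac_hex):
            return i
        prev = expected
    if head is not None and not hmac.compare_digest(prev.hex(), head):
        return len(entries)
    return None


def events_for_review(lines: List[str]) -> List[str]:
    """Administrative, maintenance and failed-login events for the periodic review."""
    markers = ("user=admin", " config:", " maint:", "login failure")
    return [line for line in lines if any(m in line for m in markers)]


if __name__ == "__main__":
    entries = chain(SAMPLE_LOG, SIGNING_KEY)
    head = entries[-1][1]                      # store this apart from the log file
    print("intact:", verify(entries, SIGNING_KEY, head) is None)
    forged = entries[:2] + [(entries[2][0].replace("failure", "success"), entries[2][1])] + entries[3:]
    print("first bad entry after forging a failed login:", verify(forged, SIGNING_KEY, head))
    for line in events_for_review(SAMPLE_LOG):
        print("review:", line)
```

Without the stored head, dropping the newest entries is invisible to the chain check; that is the case `head` covers, and it is the reason the head belongs with the SIEM and not next to the log file.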

Secure Maintenance
Best Practices
Check Eaton's cybersecurity website for information bulletins about vulnerabilities: www.ceag.de

Plan for Business Continuity / Cybersecurity Disaster Recovery
Eaton recommends incorporating LoadStar-S into the organization's business continuity and disaster
recovery plans. Organizations should establish a Business Continuity Plan and a Disaster Recovery Plan
and should periodically review and, where possible, exercise these plans. As part of the plan, important
system data should be backed up and securely stored, including:
- The current configuration.
- Documentation of the current permissions / access controls, if not backed up as part of the configuration.

Sensitive Information Disclosure
Eaton recommends that sensitive information (e.g., connectivity details, log data, personal information)
that may be stored by LoadStar-S be adequately protected through the deployment of organizational
security practices.
43 Eaton CCOE Cybersecurity Recommendations