Eaton 93E G2 100/100 User And Installation Manual page 115

Eaton 93E Generation 2 UPS 100-200 kVA
(380/400/415V)
Category
Authorization and access
control
©
Eaton Corporation plc 2019. All rights reserved.
Description
It is extremely important to securely configure the logical
access mechanisms provided in the UPS to safeguard the
device from unauthorized access. Our company recom-
mends that the available access control mechanisms be
used properly to ensure that access to the system is re-
stricted to legitimate users only. And, such users are re-
stricted to only the privilege levels necessary to complete
their job roles/functions.
• Ensure that default credentials are changed upon first
login. The UPS should not be commissioned for pro-
duction with default credentials. It is a serious cyber-
security flaw as the default credentials are published
in the manuals.
• No password sharing - Make sure that each user gets
their own password for that desired functionality in-
stead of sharing the passwords. Security monitoring
features of the UPS are created with the view of each
user having their own unique password. Security con-
trols will be weakened as soon as the users start shar-
ing the password.
• Restrict administrative privileges - Threat actors are
increasingly focused on gaining control of legitimate
credentials, especially those associated with highly
privileged accounts. Limit privileges to only those nee-
ded for a user's duties.
• Perform periodic account maintenance (remove un-
used accounts).
• Change passwords and other system access creden-
tials whenever there is a personnel change.
Access to service screen and configuration screen is ac-
cess-controlled. Access to UPS features is restricted
based on roles:
1. Configuration screen can be accessed by the User
role.
2. Service screen can be accessed only by the Service
engineer role.
The following are the access levels in the UPS:
• Level 1: Control password for User
• Level 2: Configure password for User
• Level 3: Service password for an authorized Eaton
Customer Service Engineer or qualified service per-
sonnel authorized by Eaton
Users are recommended to change default passwords on
first use of the system. The default session timeout is 10
minutes.
The UPS does not enforce any account policies. Custom-
ers need to enforce their account policies.
Revision: 002
User's and installation guide
Document ID: P-164000848 115 (118)