With mobile HMI gaining so much traction (Perspective), I am curious what input others may have on approaches to security from things such as mobile phones and tablets into the automation layer (HMI) for control using a public cell network and possibly business WIFI connections.
How is security and authentication best handled? Lastly, how do or did you sell it to your IT group?
We only allow mobile control from authenticated users assigned the appropriate permissions. Users connect mobile devices via VPN or WIFI control network (separate from business and guest WIFI networks). This access is limited to users who have a reason to have it.
The U.S. Department of Homeland Security has very specific recommendations for network security that, I think, would preclude use of public networks for control operations. VPNs, with careful controls, but that seems to not be what technology-challenged management types want. /: