Considering the ongoing convergence of IT and OT operations, manufacturing businesses in particular are in a great tug of war between keeping it safe and making it usable, explains Rob Williams, director of global technology operations, at Holland, Mich.-based office furniture manufacturer Herman Miller.
“In the past you picked one or the other. Threading the needle and still offering both is one of my biggest challenges. Manufacturing can tend to be last generation or even previous, which can require alternate methods to secure and protect those systems,” says Williams. “You also need to balance the need for very high uptime to support the business. A bad deployment to office users causes calls to the service desk and some angry users. That same bad deployment to manufacturing equipment can send a shift home.”Keys to success
The biggest misstep Williams tends to see manufacturing organizations make when it comes to properly securing their technology environments is sticking to the belief that bad people live outside the firewall, and once inside the firewall everything is good. Instead, he has embraced the concept of “trusting no one and nothing, while helping educate and protect business partners from themselves as well as the bad people,” he says.
Also, having an identity and access management solution is crucial – something Herman Miller accomplished with OneLogin. “When I joined Herman Miller, I was given access to some 21 systems, each had their own separate authentication method. Moving to a single sign-on environment reduced calls to the service desk by half or more,” he says. “We ask our employees to use complex passwords and help keep the company secure, it is in our best interest to make that task something they can accomplish. As we integrate new systems into our environment SAML auth is table stakes, I might need to teach a user a new application or system, but they know how to get to it.”
Likewise, embracing multi-factor authorization and providing user education are key components to any secure environment. “We need to help our people better protect themselves with good security hygiene. For instance, don’t reuse passwords, don’t use corporate email for personal, etc. When you take this approach, you better protect the organization,” he says. “Don’t just turn on multi factor authorization and say live with it. Instead, educate them as to how it works, how it protects the organization and how they should have it on every single one of their personal accounts as well.”
Better in the cloud
While many manufacturers seem reluctant to move to the cloud, the benefits make it difficult to justify avoidance. Like many manufacturers, Herman Miller has been within the constant cycle of rinse, repeat and refresh, while leveraging its internal talents to make incremental changes to technology infrastructure when feasible. While the process works, it is far from efficient, especially in today's digital economy.
“What if we took that repetitive and slow part away and let those smart people use their capacity to move the business forward faster? Let the cloud vendor worry about power and cooling and x86 workloads and disk IOPS,” he says. “First, we lift and shift what we have to the cloud, simply freeing up people. Then those same people can work to re-imagine our work, re-factor workloads to take advantage of cloud native technologies. And these technologies can be spun up and torn down in minutes or hours rather than days, weeks or months. You can fail five times faster than you would have deployed attempt #1 with legacy infrastructure.”
Williams’ advice? Partner with your cloud vendor, who has done this repeatedly. “Don’t get caught in the “I am special, we will figure it out ourselves’ trap,” he says. “Leverage them as a partner as well as the third parties who do this for a living. You will learn way more than you pay for.”
Understandably, the pandemic put significant stress on manufacturers to empower workforces in new ways.
From a technology perspective Williams tells IndustryWeek that Herman Miller was determined to keep forward momentum throughout the pandemic. “We have global teams and moving to a full-remote environment was not as daunting as even we would have thought,” he says. “From a business partner perspective, it did change expectations of what they can and cannot expect from us. We were required to better define roles and responsibilities. But at the end of the day, we need our folks connected, and working so that was the top priority.”