High value systems warrant hardcore hardening measures. The PI System resides at a critical junction, communicating across strict network boundaries. Under this paradigm, the PI System acts as a 'safe harbor' for data, defending critical systems by reducing the number of users inside the security perimeter while enabling growth in the number of users getting value from OT data.
An application can only be as secure as its operating platform. This session will discuss securing a system from the ground up with advanced hardening measures for the Windows operating system that OSIsoft has collected over many years, including security baselines, PowerShell’s Desired State Configuration, and arcane corners of the Windows Advanced Firewall. With the platform locked down, we will explore application hardening measures built within and tailored to the PI System.
Emphasis will be on using the latest technology and tools available to embrace agility and configuration as code. The session will feature examples from practical case studies.
Lubos Mlcoch works in Technical Support as a Senior Escalation Engineer, working primarily with OSIsoft web and batch applications. Lubos is on the OSIsoft Cyber Security Champions team roster, focusing on Windows Security. He has attended CQURE's Advanced Windows Security courses, achieving Windows Security Master certification in 2017 and 2018.
Lubos holds a B.S. in Computer Science from University of Technology (Brno, Czech Republic) and an M.S. in Business and Finance from Nottingham Trent University (UK).