Bill Johnson with TDI Technologies
Industrial Talk is onsite at DistribuTech and talking to Bill Johnson, President and CEO of TDi Technologies about “Protecting your connected assets with Console Works”.
Scott MacKenzie and Bill Johnson discussed the challenges of remote access in industrial environments, particularly in terms of cybersecurity. Bill explained how his company's product, Console Works, provides secure remote access to assets while controlling who can access them. Scott emphasized the importance of separating insiders and vendors, and Bill highlighted the need to validate users and keep the platform free of viruses and malware. The speakers also discussed the importance of directly connecting to industrial control systems for security and accuracy, and the need for zero trust foundations in critical infrastructure security. They stressed the value of validating information from multiple sources to ensure accuracy and security.
Action Items
- [ ] Contact Bill Johnson or visit consoleworks.com to learn more about ConsoleWorks and how it can provide secure remote access for industrial control systems.
- [ ] Share the Industrial Talk Podcast on other platforms to continue educating others, collaborating on innovations, and changing the world securely.
- [ ] Consider attending Distributech next year for more conversations on connecting industrial systems securely.
Outline
Remote access security in industrial environments.
- Bill Johnson, industry expert on remote access and cybersecurity, joins the show.
- Speaker discusses TDI Technologies' unique remote access solution for industrial environments.
Remote access security and asset management.
- Scott MacKenzie explains how their product validates users and controls access to assets.
- Product acts as a “man in the middle” to ensure secure connections and logging of unencrypted traffic.
- Bill explains how to set up the product to monitor and analyze endpoints, with onboarding assets from integrations with tools like Dragos or Nozomi.
- Bill discusses how to provide credentials for endpoints, with options for either product ownership or business choice, and setting up taking a day's time.
Securing remote access to critical infrastructure.
- Speaker explains how product simplifies network access for end users.
- Bill emphasizes data security and automation in connected infrastructure.
Cybersecurity for critical infrastructure using data and AI.
- Bill explains how their product collects device configuration settings directly from the endpoint.
- Bill highlights the benefits of validating information from multiple sources, including devices, tools, and vendors.
- Ralph wants Scott to use data from multiple sources to build a trusted picture of a device.
- Bill Johnson from TDI Technologies discusses cybersecurity and remote access solutions.
Finally, get your exclusive free access to the Industrial Academy and a series on “Marketing Process Course” for Greater Success in 2024. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!
BILL JOHNSON'S CONTACT INFORMATION:
Personal LinkedIn: https://www.linkedin.com/in/baronpilot/
Company LinkedIn: https://www.linkedin.com/company/tditechnologies/
Company Website: https://www.tditechnologies.com/
PODCAST VIDEO:
OTHER GREAT INDUSTRIAL RESOURCES:
NEOM: https://www.neom.com/en-us
Hexagon: https://hexagon.com/
Palo Alto Networks: https://www.paloaltonetworks.com/ot-security-tco
Palo Alto Networks Report HERE.
Fictiv: https://www.fictiv.com/
Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html
Industrial Marketing Solutions: https://industrialtalk.com/industrial-marketing/
Industrial Academy: https://industrialtalk.com/industrial-academy/
Industrial Dojo: https://industrialtalk.com/industrial_dojo/
We the 15: https://www.wethe15.org/
YOUR INDUSTRIAL DIGITAL TOOLBOX:
LifterLMS: Get One Month Free for $1 – https://lifterlms.com/
Active Campaign: Active Campaign Link
Social Jukebox: https://www.socialjukebox.com/
Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):
Business Beatitude the Book
Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!
TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!
Reserve My Copy and My 25% Discount
Transcript
SUMMARY KEYWORDS
product, scott, talk, dragos, device, information, remote access, assets, industrial, business, endpoint, data, gail, solution, trust, vendor, command, world, bill johnson, works
Scott, welcome to the Industrial Talk Podcast with Scott. MacKenzie. Scott is a passionate industry professional dedicated to transferring cutting edge industry focused innovations and trends while highlighting the men and women who keep the world moving. So put on your hard hat, grab your work boots, and let's go all right
once again. Thank you very much for joining Industrial Talk, the location, the platform that celebrates industry professionals all around the world. Because you're bold, brave, you dare greatly solve problems, you collaborate, you do everything to make the world a better place. That's why we celebrate you on Industrial Talk, we are broadcasting on site, distribute tech Orlando, Florida is the location, and it is just an absolutely booming event. Really, really great, good attendance. Put this on your calendar for next year. If you are in the utility power, any of that you need to be here, energy is the name of the game, and they are talking about incredible challenges and solutions, and speaking of solutions in the hot seat, we have a gentleman by the name of Bill Johnson. Console Works is the solution, and we're going to be talking about remote access, zero trust, cyber security type stuff. So let's get cracking.
Doing well, Scott, thank you so much for having me. Appreciate you pulling me out of the crowd. It's obvious you recognize a pro when you see one.
Absolutely. Why would I play? There you go, sir. Absolutely. Yeah, we are both mutual friends of Gail Wong, who is the king of connections. There you go. He does it all the time. He's just right in he's in our neighborhood. That's it was so funny when we set up shop here, our studio here, and then I saw at&t, and I said, There's no way Gail's not gonna be there's Gail. There's Gail. He's there as a room,
as I said earlier. If, if you haven't met Gail, you're missing an opportunity to meet an awesome, fine person.
Agree absolutely, all right, for the listeners out there, Bill, we need a little background on who you are. Give us a little 411 on who Bill is.
Yeah. So I'm President, CEO of a company called TDi Technologies. Our technology is a product called Console Works. Console Works is just that it's the ability for a human to get to an asset, and it's and when we speak in the industrial world, we think SCADA, we think its not it. We get that. And in specific, we're implemented remote access in a very unique way we built a man in the middle. Okay, don't know what. So man in the middle sits between the actor and the asset they're trying to get to. So think about it. If you normally get into an OT environment, you go through a a VPN. You land on a jump box, and then vendors, insiders can kind of go where they want to go. The challenge is, how did you control them? Who were they? Were they the person they indicated? They said they were right. What's the platform were they using? Did they just come from Star works? Star works start Starbucks and full of viruses and malware. Or how do you keep that stuff out? And this vendor that's here today, does he know the credentials on the end point that he's trying to go to? If it's a vendor or an insider, you want to separate all that. That's how we get you know, people know it more people knowing the administrator username and password on an endpoint. That's how people get to know, you know, privileged access to endpoints. It's written down. It's hidden under a keyboard or access to the engineering workstation as an example. And they upload and change, make changes to the environment which impacts, you know, the operation of an OT environment.
Tell us what that man in the middle? What is that? Okay,
great question. What our product does is we present one port for a user to come into, and they use a web browser. So we didn't put software on your workstation. You use your web browser as you come into the business's Virtual Private Network, their firewall. The firewall connects them to our product Console Works at that point I say, gee. Who are you? Scott? Give me your username, give me your password, give me your your when I say password, I can enforce a very complex password. And if you've been defined in Active Directory, or you're part of Azure or other single sign on providers, we'll integrate with those, and then we handle your multi factor. Medication. So really, what I'm doing is I'm looking at you our product is we're validating who you are, and now you're only talking to our product. Okay? So when you type a command or when you type something on your keyboard, our product sees it first. It's not going beyond our product. You're not you have to go through our product as the man in the middle. You type it. We decide where it goes, what we let you see. And so by us being the man in the middle and authenticating you, I can put you in a role. That role decides which of the 15,000 or 100,000 assets we control, which one of those assets I want you to see, either by location, by vendor, by firmware or version type. So I have all kinds of ways of filtering what you're able to see, and the product does that, and you're reliant on the product to do that for you. Then when you ask our product to connect you to that end point. That's that remote access piece. The product will make the connection to the endpoint, not your workstation, your workstations done when you connect it to our product, okay? And based on your role, our product will make the connection to the endpoint, and then it brokers that connection that the product made, and it allows you to use that connection through the product that does a couple of really cool things for us. Scott, if you have viruses, malware, they don't transcend through our product. They get stopped at the front door. That means that you're a clean entity as you interact with assets inside. The other thing is, is when you type a command, as I said earlier, we have an encrypted session coming into our product. Our product makes an encrypted session going out, but because we're in the middle, I see the unencrypted traffic. Okay? And so we can make an SSH connection or an HTTPS connection or a secure RDP session inside, but in between you and that end point, we see the unencrypted traffic, and we're logging it. We're time stamping it so that you have a common timestamp across all activity. And with those logs, I know what you did, how you did it. When you did it, the commands that you issued in the order, the responses that come back that all lets us build, take data, or data, in this case, and turn it into information. If you are a vendor or a subject matter expert, and you know how to solve a problem, and you come through our product, I know what you did, how you did it, right? This is where, when Scott started. This is when Scott finished. Here's the device he interacted with. Here's the problem he solved. Given that I could say, take this session and make it a best practice, so that next time this problem occurs, we don't have to call Scott I see what you did, how you did it. If you're on the beach having a margarita and you don't want to be interrupted, now your junior guy can see how you did it. What's that mean to the business? The business now has value created in the product. About how the business operates, how it solves its problems. That information doesn't go out the door when you get promoted or when you leave and take another job, right? That business operation is based on continuous not only monitoring, but also continuous response using things like best practices. Does that make sense, sir,
it does. How do you set this up? How difficult is it to set up, to create those the logic in between that extra man, how do you set it up?
No great question. So first thing you have to do first, and if you look at any of the NIST cybersecurity frameworks. If you look at the zero trust Foundation, and you look at those pillars, and anytime you're looking at ot world, understand the assets that are out there, right? So we're going to onboard those assets in our product. That's why we can provide the remote access to them, okay? And that onboarding can be done either via integrating with solutions like Dragos or Nozomi or things like that. So we'll go to those tools where you may have deployed them, we'll pull their information into our product, and that tells our product, hey, here's here's assets that live on your networks, right? All you have to do then is give our product the credentials for each of those assets so the product can make the connection to those endpoints. Now, if the business said, Look, I don't want your product owning the credentials. I want people to know what they are, that's a business choice, right? I don't agree with it, but that's a business choice in allowing people or requiring people to have. Naturals to the endpoints. You know, we're here to mold into the business's process, rather than make the business mold into our products capabilities. Okay? And once it's about a day's time to set it up, truly.
How does it interrupt? Okay? I just because people tend to get very impatient. Yeah. Is there a performance like I want to, I want to access that, that that solution on the other side, and I've got to go through your, your your product, right? Is it adding more work to me? Yes, no. What? So
first off, the goal is to not add work to you, Scott, let's I want to take you down just a small road. Yeah, in in the OT world, not every device is on the same network, right? They they micro segment a lot of these networks for one operational efficiency and also security. So to get to another network, you have to hop through, sometimes a controller of some sort, or you have to skip through another firewall to get to another end point. So as an actor going through our product, why would I want you to understand that you have to go to through this substation controller through this firewall. Oh, now I have to give you command and control for that device. That what we call an intermediate device. Why do I want you to know credentials on that device? It's not something you're familiar with. You're just using it to get to the device you want to interact with. Our product understands those intermediate devices. One of them, two of them, three of them, to get down to, like, level two, level one, and interact with some of that stuff. Okay, so given that our product gets that built into it, you just tell the product, I need to go over here to this level one device. The product will take and make those connections for you. And then say, Scott, here you go. You're at level one on that device. I've authenticated your access to it. Bada bing, bada, boom. Your question was around performance, and you made an implication, and probably our audience heard, gee, that thing really slows down my connection to the end point, right? If that were the case, I couldn't be in business. Scott, yeah, okay. We have healthcare customers, finance customers, government, Intel customers and utility customers that do oil and gas, water, wastewater, the dams and of course, you know, generation, transmission, distribution, all of those guys. We understand critical infrastructure, and critical infrastructure can't be delayed with tools like this.
In a world of where we're just everything's the drive to connect everything, it just seems reasonable to require some level of security, and it's a must, because we if we are to succeed in what we're doing here at DistribuTech, and what they're talking about at DistribuTech, it's all about connected, seeing the data that's right, and being able to process that data and make tactical decisions on that data as fast as you possibly can. So it just seems like a no brainer. You know,
first off, you're spot on right? That remote access, and you used a key word, data, data, data, data. There was the notion that data is the next bacon, right? Yeah, I will argue I have lots of data. Okay, I see what you type. I know who you are, I know where you're coming from, I know the platform you're on. I know which assets you've talked to when you talk to them, the security role we allowed you to use to talk to them with what we logged you in as I know the commands you issued, and because I know how to talk to that end point, because I let you use the command or the session I have, I can automate what you would do. Why wouldn't I? Right? So I would do things like, hey, when Scott's not there or no one's talking to that device, maybe on a schedule that the business wants our product can go over there and say, Hey, show me your configuration. Show me your settings, your ports and services and users and groups and this and that and the other. And that's what when I when I say those things, I'm talking about an HMI or I'm talking about an IT piece of gear, yeah. And you know what Dragos, the zombie, all those guys tell you, they know that stuff. Think about where they're getting it. They're getting it off the wire. And I'm not taken away from what they do. They do a very good job. However, I'm talking directly to the endpoint, and I'm getting that information from the endpoint itself with a show command, authorized by, defined by and built by the vendor itself, right? And so I collect that information, normalize it, I compare it to what comes from those tools. Why wouldn't we? Now what we're doing is taking data from. Multiple sources, aggregating it, comparing it, and what are we doing? We're validating that the information that the dragosis and the nozomis actually it does match with what's on the device, right and with that, if I can collect the device's configuration settings, I have a customer right now. I won't name the customer, but I'll tell you, they come up with a brilliant, brilliant idea. They said the Dragos is in the world, and they have drag us, and they also have Nozomi, and they have red seal. So we're going to talk about those three products for a moment. Those products are deployed in this this energy providers world. The energy provider says, I like Dragos because it gives me information about these three things. Red Seal gives me information about these five things, and Nozomi gives me information about these three. So the rest of the information, he calls it inferred data. In other words, because that device is on a MAC address, or it's on an IP address, it must be this, right? Or it's speaking that protocol on this port. It must be a Snyder device or an ABB device. That's an inferred activity or an inferred source of information, not validated. We're talking to the device itself. So there's no in inference there. We know that we're getting this information directly from the device. We don't have to infer anything. But this customer said, look, what I want you to do is take the pieces from Dragos that I attribute 100% trust to, the same thing for Nozomi and the same thing for red seal, and I want you to build me a different picture of that device based on the trust field from each of those sources or collectors of information. Now, when you show me this device and its characteristics, you're showing me the aggregate of all the things I trust right from those solutions versus hey, here's this solution, here's this solution, and here's this solution, and it's a myriad of ocean of data. We're taking data and making information, right? Yeah, and then we're validating that information. So if I let you, if I'm the solution for putting you on that device, because our product knows how to talk to it. We know how to make the connection. And we control you through a role in a group, right? We let you get on there. Scott, when you're done, what do I do? I go right behind you, and I say, give me the configuration of that device. Show me this. Show me that. Show, show, show. And I pull that back, I compare it to the source of truth that I had before. Oh, look, it doesn't align anymore. Who was just there? Scott was hey, Ralph, the owner of the asset. Scott was just here. Here's a link to his whole session, everything you did, command for command, here's what changed. Here's what it looks like now. And I need you to approve that. Yeah, make sense? So now we're being proactive, using the data to collect configuration monitoring. We're implementing that zero trust foundation of who, what, when, where, how, results that that whole detect, respond, recover, that whole space we cover that now
you're like Gail drinking from a fire hose. Ah, dude, I love, I love this, trying to keep up with that. How do people get a hold of you that that's really fascinating, and who needs to get a hold of you? Who needs to get a hold of you? Know,
what? If you're running critical infrastructure, you need to talk to us. Yeah, there it is. If you're, if you're doing critical infrastructure, remote access for humans, you need to talk to us. And we're at consoleworks.com Yeah. My name is Bill Johnson. I'm at bill.johnson@consoleworks.com
Yeah, drinking from a fire hose. Try to flow that out. Yeah. All right, we're going to have all the contact information for Bill out on Industrial Talk as long as as well as Console Works. So fear not. You'll be able to get a hold of him. Guess, get a hold of him. I'm pointing at you on the video. So get a hold of bill. All right, we are broadcasting from distribute tech. It is great. Put this on your calendar for next year. You will not be disappointed. We will be right back.
You're listening to the Industrial Talk Podcast Network. You
all right, Bill Johnson's his name, easy. You can remember that Bill Johnson, you can the company is TDi Technologies. The solution is Console Works. That's what it says. Out on his stat guard, out on LinkedIn. And speaking of LinkedIn, you'll have all the content. Direct information. Cybersecurity is a big deal. You want to be connected. Cybersecurity is a big deal. You must be able to tighten that up, because we want you to succeed here at Industrial Talk, absolutely, we do. All right. We're building a platform. As I continue to say, each and every time, if you have a podcast that you are currently doing. You put it out on Industrial Talk. If you have a technology that you truly want to highlight, you put it out on Industrial Talk. Industrial Talk is an ecosystem of individuals that have a desire to continue to educate, collaborate and, of course, innovate, and that's what we're all here about it's it all right, be bold, be brave. Dare greatly. Hang out with Bill, change the world and keep your system secure. So we're gonna have another great conversation. Show.
