Wednesday, January 25, 2023

IT/OT Convergence - Not only a technical challenge!

The convergence of IT (Information Technology) and OT (Operational Technology) can present several challenges:

  • Management: in most of the company, IT and OT systems were managed by different teams, with different skills and expertise. It can be difficult to ensure that the two teams are being managed effectively and that the IT and OT engineers are working together effectively.
  • Compliance and regulation: IT and OT have different compliance and regulatory requirements. It can be difficult to ensure that both systems are meeting all relevant standards.
  • Understanding and process: both teams are talking different languages and have different expectations. There is long a learning curve to take in consideration if you start this journe. IT must understand OT and the other way around. This understanding must not be limited to technical aspects. The process must also be taken in consideration. For example, ITIL processes are not well known by most of the OT Teams.

For the reasons listed above, it's important to build a strong governance. You should have a dedicated team in charge of the convergence process, with clear roles and responsibilities and the right level of expertise in IT and OT.
And maybe the most important. A trust must be created between both teams.

 


Posted by at No comments:
Labels: , , ,

Thursday, January 5, 2023

How to use the Ansible Vault ?




 If your are using a clear password in your YAML file, you can encrypt the file via Ansible-vault.


  • How to encrypt the credentials ?

#ansible-vault encrypt MyCredentials.yml

New Vault password: <Enter the password and stored in a safe place>
Confirm New Vault password: <Enter the same password>
 Encryption successful

  • How to view the encrypted credentials ?

#ansible-vault view MyCredentials.yml

Vault password: <Enter the password previously chosen>


  • How to change data in your file (for example your credentials) ?

decrypt the file MyCredentials.yml

User@Ansible-Host:~/> ansible-vault decrypt MyCredentials.yml
Vault password: <known_key>
Decryption successful

Edit the file with your preferred editor (vim/nano) by changing the data.

Then encrypt the file again

User@Ansible-Host:~/> ansible-vault encrypt MyCredentials.yml
New Vault password: <known_key>
Confirm New Vault password: <known_key>
Encryption successful
Posted by at No comments:
Labels: ,

2023 - New Posts - I'm back

 After a big pause, I have decided to share again my experience. I will publish more articles on several topics and no more just the network. The following areas will be covered:

  • IT/OT Convergence. For this specific area, I would like to cover the technical challenges but also the organization changes which brings this convergence.
  • IoT 4.0 and cybersecurity.
  • Advanced firewalling.
  • Ansible and Automation.


Posted by at 1 comment:
Labels:
Subscribe to: Posts (Atom)