Potential risks and compensating controls
Address potential risks using these compensating controls:
Area | Issue | Risk | Compensating controls |
Password through display |
Default settings are often the source of unauthorized access by malicious users. |
If you do not change the default password, unauthorized access can occur. |
Change the default password of 0 (zero) to help reduce unauthorized access. |
Secure protocols |
Ethernert port with Modbus TCP and BACnet/IP protocols are unsecure. The device does not have the capability to transmit encrypted data using these protocols. |
If a malicious user gained access to your network, they could intercept communications. |
For transmitting data over an internal network, physically or logically segment the network. For transmitting data over an external network, encrypt protocol transmissions over all external connections using an encrypted tunnel, TLS wrapper or a similar solution. |