TL;DR: Remote maintenance is indispensable in networked production environments, but uncontrolled third-party access expands the OT attack surface and complicates NIS2 compliance, according to Imprivata's analysis of vendor access, session monitoring, and auditability. The governance lesson is that visibility and time-bound approval are now core control requirements, not optional add-ons.
NHIMG editorial — based on content published by Imprivata: secure remote maintenance and NIS2 compliance in manufacturing
By the numbers:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
Questions worth separating out
Q: What breaks when vendor remote access in OT is not tightly controlled?
A: Uncontrolled vendor access turns maintenance into an open-ended production risk.
A: Access to manufacturing systems can affect availability, safety, and product quality, not just data confidentiality.
Q: What do security teams get wrong about remote maintenance governance?
A: Many teams focus on the connection method and ignore the identity and session controls behind it.
Practitioner guidance
- Inventory all third-party production access: map every external vendor, integrator, and service partner that can reach OT assets, then classify each path by asset sensitivity, privilege level, and business criticality.
- Enforce session-scoped approvals: require explicit approval before each vendor session begins, limit the session to the maintenance task, and close access as soon as the task is complete.
- Record and retain every privileged session: capture session recordings, command activity, and identity attribution so that incident response and audits can reconstruct exactly what happened on the plant floor.
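The three controls above can be checked against a concrete mechanism. The following is an added example written for this post, not Imprivata's product, API or data: a minimal session broker in which a vendor session exists only under a separately approved, time-bound grant, every operation is decided against the approved asset and action scope, and every decision (allowed or denied) is written to an audit trail with approver, vendor and ticket attribution. All names (`plant-ops-lead`, `acme-field-svc`, `MAINT-1042`, `PLC-L3-07`), the asset and action labels, and the policy shape are constructed assumptions for illustration.

```python
# Added example (not Imprivata's code): session-scoped, time-bound vendor access
# with attributable audit. Names, assets and policy shape are constructed.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import FrozenSet, List, Optional


@dataclass(frozen=True)
class Approval:
    """Who approved what, for whom, and for how long. Frozen on purpose:
    the approval is the evidence an auditor later reconstructs from."""
    approver: str
    vendor: str
    ticket: str                 # maintenance task reference (constructed)
    assets: FrozenSet[str]      # OT assets the session may reach
    actions: FrozenSet[str]     # operations permitted on those assets
    not_before: datetime
    duration: timedelta


@dataclass(frozen=True)
class AuditEvent:
    at: datetime
    vendor: str
    approver: str
    ticket: str
    asset: str
    action: str
    allowed: bool
    reason: str


class VendorSession:
    def __init__(self, approval: Approval, opened_at: datetime) -> None:
        self.approval = approval
        self.opened_at = opened_at
        self.closed_at: Optional[datetime] = None
        self.events: List[AuditEvent] = []

    @property
    def expires_at(self) -> datetime:
        return self.approval.not_before + self.approval.duration

    def authorize(self, asset: str, action: str, now: datetime) -> bool:
        """Decide one vendor operation. Denials are recorded too, so the
        audit trail can show attempts outside scope, not only successes."""
        a = self.approval
        if self.closed_at is not None:
            reason = "session closed"
        elif now >= self.expires_at:
            reason = "approval window expired"
        elif asset not in a.assets:
            reason = "asset outside approved scope"
        elif action not in a.actions:
            reason = "action outside approved scope"
        else:
            reason = "within approved scope"
        allowed = reason == "within approved scope"
        self.events.append(AuditEvent(now, a.vendor, a.approver, a.ticket,
                                      asset, action, allowed, reason))
        return allowed

    def close(self, now: datetime) -> None:
        """Close when the task is done; do not rely on expiry alone."""
        if self.closed_at is None:
            self.closed_at = now


def open_session(approval: Approval, now: datetime) -> VendorSession:
    """Gate: no session without a current grant approved by someone else."""
    if approval.approver == approval.vendor:
        raise PermissionError("vendor cannot approve its own session")
    if not (approval.not_before <= now < approval.not_before + approval.duration):
        raise PermissionError("request is outside the approved time window")
    return VendorSession(approval, now)


def out_of_scope(session: VendorSession) -> List[AuditEvent]:
    """The audit question: did the vendor stay within the approved scope?"""
    return [e for e in session.events if not e.allowed]


def demo() -> VendorSession:
    """Constructed scenario: one approved firmware task on one PLC."""
    t0 = datetime(2024, 3, 4, 8, 0, tzinfo=timezone.utc)
    approval = Approval(approver="plant-ops-lead", vendor="acme-field-svc",
                        ticket="MAINT-1042", assets=frozenset({"PLC-L3-07"}),
                        actions=frozenset({"read-logic", "firmware-update"}),
                        not_before=t0, duration=timedelta(hours=2))
    s = open_session(approval, t0 + timedelta(minutes=5))
    s.authorize("PLC-L3-07", "read-logic", t0 + timedelta(minutes=10))       # allowed
    s.authorize("HMI-L3-02", "read-logic", t0 + timedelta(minutes=12))       # wrong asset
    s.authorize("PLC-L3-07", "force-output", t0 + timedelta(minutes=15))     # wrong action
    s.authorize("PLC-L3-07", "firmware-update", t0 + timedelta(minutes=40))  # allowed
    s.close(t0 + timedelta(minutes=45))
    s.authorize("PLC-L3-07", "read-logic", t0 + timedelta(minutes=50))       # after close
    return s


if __name__ == "__main__":
    for e in demo().events:
        print(e.at.isoformat(), e.vendor, e.asset, e.action,
              "ALLOW" if e.allowed else "DENY", "-", e.reason)
```

Two design points carry the editorial's argument: the approval is immutable and names a different principal than the vendor, so "who approved the session and what limits were set" is answerable from the record itself; and denied operations are logged alongside allowed ones, so the evidence of staying in scope is a complete decision log rather than an absence of incidents.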
What's in the full article
Imprivata's full article covers the operational detail this post intentionally leaves for the source:
- The full VPAM control model for external maintenance providers across industrial environments.
- The article's detailed discussion of NIS2, BSI, and IEC 62443 alignment for OT access governance.
- Specific examples of session recording, approval workflows, and credential handling for vendor access.
- The practical comparison between broad remote access and controlled third-party privileged sessions.
👉 Read Imprivata's analysis of secure remote maintenance and NIS2 in manufacturing →
Secure remote maintenance in OT: how NIS2 changes what teams approve
Explore further
Vendor access is a privileged identity problem, not a remote-connectivity problem. The article’s core issue is that industrial environments now depend on external identities that can affect production states, not just data systems. Once a vendor session can change machine behaviour, the control model has to shift from network reachability to identity governance, approval, and observability. Practitioners should treat remote maintenance as a privileged workflow with OT consequences.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which helps explain why remote-access governance keeps failing at the identity layer.
A question worth separating out:
Q: Who is accountable when a vendor session touches a production system outside the approved scope?
A: Accountability sits with the organisation that granted the access and the governance model that permitted it. In regulated environments, teams should be able to show who approved the session, what limits were set, and what evidence proves the vendor stayed within scope.
👉 Read our full editorial: Secure remote maintenance in manufacturing needs stricter NIS2 controls