A single infected device can introduce dangerous malware capable of compromising critical data, stalling manufacturing processes, or disrupting compliance with industrial standards. Such risk is heightened when legacy systems are still in place, with outdated procedures to secure their operations. Incidents such as the attack on the European Medicines Agency (EMA), which sought to disrupt the approval process of COVID-19 vaccines, and the attack on Dr. Reddy's, which led to the shutting down plants in the U.S., U.K., Brazil, India, and Russia, highlight the severity of the consequences of poor cybersecurity preparedness.
Security Gaps in Complex Infrastructure with Legacy Systems
Pharmaceutical manufacturing depends heavily on ICSs (Industrial Control Systems) and OT (Operational Technology). Many of these systems were not designed with modern cybersecurity threats in mind. The biopharma company operates more than one hundred facilities, including administrative offices, research and development facilities, and manufacturing plants.
Despite clear instructions for site engineers to scan all removable media and third-party laptops prior to connection, enforcement remained inconsistent. This resulted in the organization facing gaps in media scanning, especially with legacy systems, and a lack of centralized visibility or policy enforcement mechanisms.
While not legally required, compliance with the NIST SP 800-82 cybersecurity framework is considered essential for organizations that heavily rely on ICSs and OT networks. The organization prioritized the implementation of strict measures to strengthen its security posture and support the ongoing compliance with NIST SP 800-82.
Sanitizing Removable Media and Vendor Laptops at the Point of Entry
To close the security gaps, the pharmaceutical manufacturer, with the help of OPSWAT experts, planned and executed a multi-layered, defense-in-depth cybersecurity strategy. Three OPSWAT solutions were at the core of this strategy: MetaDefender Drive, MetaDefender Kiosk App, and My OPSWAT Central Management.
Securing Removable Media at the Point of Entry
MetaDefender Kiosk App was more favorable than the physical form factors of MetaDefender Kiosk due to its deployment flexibility. With the ability to install it on a variety of approved hardware, our client was able to deploy it on their existing endpoints, reducing setup time and cost. The deployment was performed at critical entry points across nearly all administrative, research, and manufacturing facilities.
Scanning Transient Devices Before Use in Critical Areas
With MetaDefender Kiosk App securing the entry points for removable media, the deployment of MetaDefender Drive provided deep inspection capabilities for laptops brought in by third-party vendors and technicians. Booted independently from the host OS, it enabled bare-metal scanning without needing to install software on the target device. MetaDefender Drive was deployed mainly in manufacturing facilities, where third-party laptops are mostly used.
Central Management for All Appliances
With deployments in over forty facilities, utilizing a centralized management tool was crucial. My OPSWAT Central Management is designed to seamlessly integrate with the majority of OPSWAT’s solutions, to perform various tasks, including configurations for all sites, real-time scan monitoring, performing software updates, and configuring user access.
We were satisfied with the seamless deployment of the MetaDefender Kiosks and Drives, especially with the integrated central management. We have deployed more than a hundred devices at over forty facilities. It would have been impossible to securely operate and maintain them without My OPSWAT Central Management.
Cybersecurity Operations Director
Centralized Security with Sensitive Data Protection
Neutralized File-Based Threats
The strategic deployments of MetaDefender Kiosk App and MetaDefender Drive ensured that all removable media and transient devices, mainly third-party laptops, are thoroughly scanned at the point of entry. With both solutions including MetaScan Multiscanning technology, which has proven to achieve detection rates of 99.2% when used with over 30 engines, the malware detection rates have noticeably improved.
Risks of hidden malware and zero-day exploits have been reduced. Deep CDR technology, included with the MetaDefender Kiosk App, sanitizes files by extracting embedded objects, macros, and out-of-policy content, regenerating safe-to-use files to eliminate unknown threats. MetaDefender Drive’s isolation between the scanning OS and the scanned machine files enables embedded threat detection, such as rootkit and bootkit infections, and firmware tampering.
Operational Efficiency with Centralized Policy Enforcement
With the strategic positioning of MetaDefender Kiosk App deployments and the capability to scan 13,000+ files per minute, manual scanning bottlenecks were eliminated. Site engineers were able to focus on core responsibilities rather than handling media security ad-hoc requests. Through My OPSWAT Central Management, IT administrators gained the ability to perform updates, monitor scans, manage access, and enforce standard scanning procedures across every site, all from a single pane of glass.
Enhanced Sensitive Data Protection
Proactive DLP technology is included with both MetaDefender Kiosk App and MetaDefender Drive. Its capability to detect and block sensitive data, including social security numbers, credit card numbers, secret keys, and intellectual property, reduced the risks of data leakage and regulatory compliance violations.
Robust Compliance Measures
The integrated solutions reinforced key NIST principles, including asset integrity, removable media control, and audit readiness. Besides the strategic deployments, technologies like Proactive DLP and Country of Origin, which detects where files were first created, reinforced the organization’s regulatory compliance measures. These improvements contributed to strengthening the manufacturer’s cybersecurity posture, along with complying with the standards of the NIST SP 800-82 framework.
Before using MetaDefender Kiosk, manual media scanning was inconsistent and time-consuming. There were no clear user roles or estimated timeframes. Having Kiosks with Central Management helped us improve security with clear, advanced procedures.
Lead OT Security Engineer
A Proactive Posture for Biopharma Cybersecurity
With administrative, manufacturing, and research facilities now fortified with standardized processes and effective solutions, the organization is looking to further strengthen its security posture. MetaDefender Media Firewall™ has been proposed as an enhancement to removable media security. It integrates with MetaDefender Kiosk to block access to unscanned files, provide boot sector protection, and support regulatory compliance.
OPSWAT’s integrated solutions protect sensitive IT and OT assets from cyberattacks and ensure operational continuity and regulatory compliance. To learn more about OPSWAT solutions and how they can secure your critical infrastructure networks, get in touch with an expert today.
