The advantages of the UPS management software are clear; but from a cybersecurity perspective how safe are they? Does the software unintentionally provide a “back door” point of entry for potential hackers?
Below are some key questions systems administrators should ask their UPS suppliers regarding the security of their UPS management software.
Who is the manufacturer of the software and how much do they invest in making sure their products are cyber secure? Leading vendors with reputations for high quality products should always incorporate cybersecurity best practices in their software development cycle. Companies like Microsoft and APC subject all their products to rigorous Secure Development Lifecycle (SDL) security testing. Products that undergo SDL have been coded, pretested, verified and validated utilizing industry leading cybersecurity testing methods and are better protected from malicious cyberattacks.
Does the software possess the latest SHA-2 certificates? SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) that allows users to determine the integrity of the data they are accessing. From a cybersecurity perspective, SHA-2 certification means that the software in question enables the comparison of the hash of a downloaded file to the result of a previously published hash. This determines whether the download has been modified or tampered with, and, if so, the user is notified that a cybersecurity threat is present.
Are the communications protocols supported by the software best in class? PowerChute Business Edition now supports the latest SNMP v3. This version has within it the capability of preventing a hacker from falsifying information that a user is receiving and also prevents hackers from interfering with information as it’s being transmitted. Users are notified if such attacks are occurring. Continue reading