the data logger remains the same, there is little calibration drift when background calibration is
disabled.
8.2 Data logger security
Data logger security concerns include:
l Collection of sensitive data
l Operation of critical systems
l Networks that are accessible to many individuals
Some options to secure your data logger from mistakes or tampering include:
l Sending the latest operating system to the data logger. See Updating the operating system
(p. 120) for more information.
l Disabling unused services and securing those that are used. This includes disabling HTTP,
HTTPS, FTP, Telnet, and Ping network services (Device Configuration Utility > Deployment
> Network Services tab). These services can be used to discover your data logger on an IP
network.
NOTE:
In more recent operating systems, FTP, Telnet, and Ping services are disabled by default.
l Setting security codes (see following information under "Security Codes").
l Setting a PakBus/TCP password. The PakBus TCP password controls access to PakBus
communication over a TCP/IP link. PakBusTCP passwords can be set in Device
Configuration Utility.
l Disabling FTP or setting an FTP username and password in Device Configuration Utility.
l Setting a PakBus encryption (AES-128) key in Device Configuration Utility. This forces
PakBus data to be encrypted during transmission.
l Disabling HTTP/HTTPS or creating a .csipasswd file to secure HTTP/HTTPS (see
Creating a .csipasswd file (p. 113) for more information).
l Enabling HTTPS and disabling HTTP. To prevent data collection via the web interface, both
HTTP and HTTPS must be disabled.
l Tracking Operating System, Run, and Program signatures.
l Encrypting program files if they contain sensitive information (see CRBasic help
FileEncrypt() instruction or use the CRBasic Editor File menu, Save and Encrypt
option).
l Hiding program files for extra protection (see CRBasic help FileManage() instruction).
8. CR6 maintenance 111
To Next Page
Loading...
