Important recommendations for data protection!
In order to minimize the risk of data security violations, we recommend the following organizational and technical actions for the system where your applications are running.
- Whenever possible, avoid exposing the PLC and control networks to open networks and the Internet.
- Use additional data link layers for protection, such as a VPN for remote access.
- Install firewall mechanisms. Restrict access to authorized people.
- Use high-strength passwords.
- At commissioning, change any existing default passwords and change them on a regular basis.
Use the security features supported by CODESYS and the respective controller, such as encryption of communication with the controller and intentionally restricted user access.
For devices which support a device user management, the device editor includes the Users and Groups and Access Rights tabs.
When offered by the device, the user can view the user management for the device here as well as edit it in synchronization mode (not in online mode).
Here, the user can grant or deny specific permissions on the controller to the defined user groups.
If this is urgently needed, then it is possible to deactivate this device user management.