Manufacturer: Plant Visitor Access, Guest Wi-Fi, and Human Controls
ManufacturingOrg size: 250–1k employeesFocus: Physical & Network Segmentation4-week engagement
Demonstrated how visitor processes and shared networks can create pivot opportunities toward operational and business systems—without touching OT safety-critical controls.
Challenge
A regional manufacturer wanted a realistic assessment of how a motivated adversary could abuse physical access and permissive guest connectivity to reach sensitive business systems, while respecting strict safety and uptime constraints.
Approach
- • Reviewed visitor onboarding, badge workflows, and after-hours access assumptions at a primary site.
- • Assessed guest Wi-Fi, shared devices, and segmentation boundaries between visitor, corporate, and plant-adjacent networks.
- • Ran controlled, non-disruptive validation to identify pivot-ready services and misconfigured access controls.
- • Delivered prioritized fixes designed for plant realities: contractors, shift work, and constrained change windows.
Outcomes
- • Closed multiple low-friction access paths by tightening visitor processes and badge verification routines.
- • Reduced pivot potential by hardening segmentation, isolating shared endpoints, and improving NAC/guest controls.
- • Implemented practical security checks for contractors and after-hours workflows without adding operational drag.