Safety instructions
2.2 Security recommendations
Mobile reader SIMATIC RF360M/RF660M
Operating Instructions, 08/2022, C79000-G8976-C660-02
To prevent unauthorized access, observe the following security recommendations when
working with the reader.
General
• Check regularly that the device complies with these recommendations and/or other internal security policies.
• Do not connect the device directly to the Internet. Operate the device within a protected network area.
• Do not establish a WLAN connection with the device. If you do establish a WLAN connection, make sure that it is a secure connection.
Physical access
• Restrict physical access to the device.
• The device does not have user management functions. Make sure that only adequately qualified and authorized personnel have access to the device.
• Lock unused physical ports (e.g. Ethernet ports) on the device. Unused ports can be used to access the system without authorization.
Software (security functions)
• Keep the software up to date. Keep yourself informed regularly about safety updates for the product.
  You can find information about this at: https://www.siemens.com/industrialsecurity
• For compatibility reasons, the pre-installed Web browser contains both weak and strong TLS encryption algorithms. For security reasons, protect your server against the use of weak encryption algorithms with corresponding measures.
• Make sure that the apps installed and operated on the device are from trusted sources.
• Activate only protocols that you actually need to use the device.
• The XML protocols are sent unencrypted. Take suitable measures to ensure that the XML communication is tap-proof.
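One way to implement the server-side measure recommended above for the weak TLS algorithms, as an added example that is not part of the Siemens manual: a Python `ssl` server context that refuses weak suites whatever the reader's browser offers, next to a permissive context to avoid, with an audit of both. The function names, cipher strings and weak-suite markers are assumptions of this example.

```python
import ssl

# Name fragments treated as weak in this example (assumed list, extend per policy).
WEAK_MARKERS = ("RC4", "DES", "MD5", "NULL", "EXP", "ADH", "AECDH", "anon")

def hardened_server_context(certfile=None, keyfile=None):
    """Server context that only negotiates TLS 1.2+ with forward-secret AEAD suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # OpenSSL cipher string: ECDHE key exchange with AES-GCM or ChaCha20 only.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!PSK")
    # The server's order decides, not the order offered by the client browser.
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE
    if certfile:  # hypothetical paths supplied by the operator
        ctx.load_cert_chain(certfile, keyfile)
    return ctx

def legacy_server_context():
    """Permissive configuration to avoid: accepts whatever the client offers."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers("ALL:@SECLEVEL=0")
    return ctx

def audit_context(ctx):
    """Return findings for every weak protocol floor or suite the context allows."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2")
    for suite in ctx.get_ciphers():
        name = suite["name"]
        if any(marker in name for marker in WEAK_MARKERS):
            findings.append(f"{name}: weak algorithm")
        elif suite.get("strength_bits", 128) < 128:
            findings.append(f"{name}: key strength below 128 bits")
        elif not suite.get("aead", True):
            findings.append(f"{name}: non-AEAD (CBC or stream) suite")
    return findings

if __name__ == "__main__":
    for label, ctx in (("legacy", legacy_server_context()),
                       ("hardened", hardened_server_context())):
        findings = audit_context(ctx)
        print(f"{label}: {len(findings)} finding(s)")
        for line in findings:
            print("  ", line)
```

With a hardened server, a browser that still offers weak algorithms can only complete the handshake with one of the strong suites.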
Passwords
• The transponders usually have "Lock" and "Kill" passwords. Set these passwords to ensure that an attacker who obtains physical access to the transponders cannot set them or change the transponder contents.