A little after 1 a.m., a packaging line in a Midwest food plant goes quiet. A drive controller stalls after a firmware update, and the operators on nights can’t coax it back to life.
Nothing dramatic - just the kind of issue that always seems to show up during the least staffed shift. The outside technician who usually supports that line woke up, opened his laptop, and was ready to take a look. Getting him through the plant’s remote access workflow proved to be the most challenging part of the job.
The VPN credentials rotated on a schedule that only one engineer fully understood, and that engineer was home sick. Operators searched through shared folders for old PDFs. Someone forwarded screenshots from a previous maintenance window. Another person attempted to use an outdated login taped to a monitor.
After a long stretch of trial and error, the vendor finally got in. The actual fix took him only a few minutes.
Situations like this aren’t unusual in industrial environments. Plants rely heavily on outside help, from OEM technicians to integrators to field specialists, and yet many remote access systems still reflect an older era when these connections were occasional.
In practice, remote sessions now play a regular role in production support. Equipment is more connected, issues are more intertwined, and the people who understand these systems are often scattered across time zones.
KuppingerCole’s newest Leadership Compass for Secure Remote Access in OT/ICS spends time analyzing the technical capabilities that are emerging to handle this shift. Reading it alongside real plant experiences creates a clearer picture of how remote access is evolving. The report highlights a number of trends that industrial teams are already navigating in day-to-day operations.
The Conditions Inside Today’s OT Networks
Most OT networks look nothing like the clean diagrams used in planning documents. A single site may have modern controllers sitting beside gear that was installed two decades ago. Some equipment supports encryption and multi-factor authentication. Other systems are sensitive to even small configuration changes.
Many plants run combinations of both, and the variation introduces complexity during remote work.
This mix of modern systems and legacy systems that we never designed with cybersecurity in mind is one reason protocol isolation has gained traction. The approach shows up prominently in the KuppingerCole analysis and has become increasingly common in the field.
Instead of creating a direct connection between a remote user’s endpoint and equipment inside the plant, an isolation layer provides a controlled way to view or interact with the target system without the user’s endpoint ever touching it. It offers a way to reach fragile or legacy assets without opening pathways into other parts of the network.
Plants appreciate it because it works with the infrastructure they already have, not the idealized version of their network they wish they had.
Regulatory expectations are another force shaping how remote access tools get designed and deployed. Standards such as NERC CIP, IEC 62443, and NIS2 have pushed plants to produce clear evidence about who connected, for how long, and what actions were taken.
It wasn’t long ago that some sites tracked vendor access with handwritten logs near operator stations. That approach rarely held up during audits or investigations. Today, session recording, automatic logs, and access oversight are becoming standard features. They help teams understand what happened during maintenance or troubleshooting without relying on memory or incomplete notes.
In many plants, the most significant challenges appear during deployment. Industrial facilities operate under a set of constraints that differ sharply from corporate IT environments. Bandwidth can be inconsistent. Some machines can’t be restarted without extended downtime. A single site might run equipment from multiple vendors, each with its own communication quirks.
Staff members rotate across shifts, and expertise is often thin during off-hours. A remote access platform that assumes steady network performance or dedicated IT support may struggle in these conditions. Solutions that adapt to uneven environments tend to perform better. They tolerate latency, handle older protocols, and maintain reliable access even when conditions vary.
The Realities of Remote Access
Human workflow is another part of the equation. Operators and technicians move fast during outages and maintenance windows. When a tool introduces delays or confusion, people find shortcuts. Shared credentials appear. Unapproved access paths get reopened. Teams fall back on older habits because those habits are comfortable and predictable.
The most successful access tools are the ones that fit into daily routines without adding cognitive load. They make it straightforward for a vendor to join a session, for a supervisor to observe, or for an engineer to retrieve a log later.
When you talk with OT engineers, they often bring up delays that happen long before anyone touches a tool. A line can sit quiet while people track down the right access steps, the right credentials, or the right workflow to let someone in. The repair itself usually moves quickly once the connection is made. It’s a reminder that many of the operational costs tied to remote access are hidden in the minutes and hours before troubleshooting even begins.
Plants that manage remote access effectively tend to approach it the same way they handle other long-term improvements. They move in steps. They test changes at a single site before expanding them. They prioritize the controls that support the work they already do, rather than redesigning processes around a new tool. It’s a gradual shift, not a sudden transformation.
Industrial teams will continue relying on outside expertise, and equipment will keep aging at uneven rates across facilities. Regulations will add new requirements.
Through all of this, remote access will remain a central part of how plants operate. It doesn’t attract much attention when everything works smoothly, but it becomes very visible during downtime. That alone is enough reason to treat it as a core component of modern industrial resilience.
