Operational Technology Is Never 'Set and Forget'

Imagine walking into your organisation's facility or office five years after installing that new CCTV system (or nurse call panel!). It’s still there, quietly doing its job - no one’s thought about it since it was installed and the vendor left.

But here's the thing. These same silent systems you put in place to keep everything running smoothly and securely, may well be the very reason that your organisation's data ends up on the dark web.

This is not a scare tactic or hypothetical Cyber exercise. It’s the reality of how operational technology (OT) risks play out. Devices like CCTV cameras, access control panels, environmental sensors, Solar inverters and even wifi speakers often fly under the cybersecurity radar for years. Meanwhile, hackers are looking for exactly these forgotten entry points.

The good news? You don’t need to rip everything out and start over. With smart network design and a solid architecture you can isolate risks, keep operations running smoothly and met compliance and cyber security expectations without a tools-down disruption.

Here’s how we advise executive teams and business owners on the practical steps to secure their OT systems with minimal fuss.

1. Create Safe Neighbourhoods

Network Segmentation is your best friend!

Think of your network like a busy office building. In some organisations, everyone from the finance team to the maintenance crew has keys to every room. That’s essentially a “flat” network. And whilst it is convenient, it’s also incredibly risky.

Network segmentation fixes that by buildings internal walls, and placing each type of device into its own specific “neighbourhood” or zone.

For example:

• Corporate IT zone: Corporate owned laptops, desktops and managed printers
• OT zone: Nurse call, CCTV, access control, building management (HVAC, lifts).
• Guest Wi-Fi zone: Visitor and contractor devices, staff BYOD devices.

If a hacker gets into the guest Wi-Fi, they can’t easily stroll into the OT zone controlling door locks or alarm systems. Each neighbourhood is self-contained, and only certain data paths are allowed between them.

Why it matters to your business:

Segmentation prevents small incidents from becoming full-scale crises. It protects access to essential systems, reducing downtime, and makes compliance audits far easier - in tech speak, this is minimising the "blast radius" of any potential incident.

At Microsolve, we implement network segmentation using VLANs (virtual local area networks) on existing infrastructure. The setup can usually be completed over a weekend, which means no interruptions for your staff, clients, patients or residents, and no expensive hardware replacement.

2. Control Access Between Zones

Firewalls are the locked doors

Even with strong walls, you still need solid doors and security rules about who can go where. That’s where firewalls come in.

Microsolve deploys Fortinet next-generation firewalls between every zone. These “smart gatekeepers” block bad traffic and understand what each device should and shouldn’t do.

This means that:

• Nurse call panels only communicate with the paging server on its specified port.
• CCTV streams video to the recording server, and nowhere else.
• No guest devices ever interact directly with OT systems.

Firewall policies follow a “least privilege” approach. This means that if a device doesn’t need a connection, it doesn't get one and the door between them stays locked.

A real example: In a residential aged care facility, our team placed CCTV and access control systems in a dedicated firewall zone. When a staff laptop was later compromised through a phishing email, the attacker couldn’t reach the cameras or control systems. The breach stopped there. Segmentation and firewalls contained the threat automatically.

The business benefit: Firewalls turn invisible chaos into controlled access. You can show the board or regulators exactly what your protections are, reducing risk, insurance exposure, and compliance costs.

3. Keeping It All Running

Ongoing Management is Essential

Your network isn’t static. New devices get added. Staff change passwords. Vendors need temporary access. Each change can weaken your defences if they're left unmanaged. 

That’s why ongoing OT security management matters. Microsolve handles this through managed internet and firewall services, combining daily monitoring, rule auditing, and transparent reporting.

Our team focuses on four guardrails that keep everything in line:

1. Daily monitoring: Automated alerts and human reviews catch unusual patterns, like a camera that suddenly sends data overseas.
2. Rule audits: Old firewall permissions get removed every quarter, keeping policies lean and secure.
3. Change control: Every new device is checked and placed in the right zone before it goes live. No more “plug and pray” installations.
4. Reporting: Simple dashboards translate tech performance into board-level insight, such as “OT isolation compliance: 98%.”

Ongoing management turns static protection into living security. You don’t have to worry that yesterday’s configuration will let in tomorrow’s threats. The systems keep doing their jobs, while Microsolve quietly protects them in the background.

Why Now?

Compliance Meets Common Sense

Regulators are now treating operational technology threats with the seriousness they deserve.

Under the Aged Care Act 2024 and Security of Critical Infrastructure (SOCI) Act, organisations must demonstrate risk management across both IT and OT environments. If your nurse call or security access system fails due to a cyber incident, it’s no longer just an inconvenience, it is a reportable safety event.

Boards and executives now need clear evidence of segmentation, monitoring, and incident response. A generic antivirus, or patching report does not cut it anymore.

Beyond compliance, the motivation is simple: operational continuity and trust.

OT downtime can disrupt care, impact safety, or even halt business operations. A single breached device can damage your reputation overnight and leak personally identifiable data at speed.

By acting now, you not only meet compliance standards, you prevent disruption, protect your team and clients, and secure the continuity your organisation depends on.

The Microsolve Difference

We’ve delivered OT security improvements for more than 50 aged care and healthcare sites across New South Wales in the past 20 years - it is a core component of our Zero Trust deployment model.

Our proven framework focuses on secure design, dependable maintenance, and measurable outcomes.

• OT Asset Discovery: We identify every device in your environment (often uncovering “forgotten” systems) in 2-4 weeks.
• Risk‑Prioritised Design: We strengthen the most critical systems first (like nurse call or access control).
• Managed Continuity: Firewalls, monitoring, and quarterly security reviews are included, so there’s no surprise cost.

There’s no big-bang project or operational downtime,  just steady improvements that keep your people and technology safe.

As a result, your organisation has a stronger, more resilient network that meets compliance, protects reputation, and delivers real financial return through avoided incidents and reduced downtime.

Your operational systems aren’t “set and forget.” They’re the heartbeat of your organisation. But like any heartbeat, they need protection to keep rhythm safely.

Microsolve can help you assess your current risk and build a practical plan to isolate, protect, and maintain your OT environment — without interrupting operations.

Our experienced team are available to discuss your Operational Technology security needs.