The Access Problem Manufacturers Keep Underestimating

Ask a manufacturing IT leader about their biggest security concerns and you will likely hear about ransomware or regulatory pressure. While valid concerns, there is a quieter vulnerability that rarely gets the same attention: Access. Access is involved in a growing share of incidents. It is not unauthorized access in the dramatic sense. The threat often comes from mundane access points. A contractor with VPN credentials has broad network access. An OEM partner connects to production systems for routine maintenance through an unapproved tool. A remote engineer uses the same access path provisioned two years ago.

According to Verizon’s 2025 Data Breach Investigations Report, third-party breaches involving manufacturing organizations doubled year-on-year, accounting for approximately 30% of all incidents¹. The leading initial access vectors were credential abuse at 22% and exploitation of vulnerabilities at 20%. The front door is the problem.

The tool sprawl problem in OT environments

According to Claroty, 55% of manufacturing organizations run four or more remote access tools in their operational technology environments². This is common in a sector where every equipment partner brings their own connectivity method. The danger lies in the fact that approximately 80% of those tools are non-enterprisegrade². The security team did not select them. IT did not procure them. They sit on the network and create an unmanaged attack surface that grows with every new partner relationship. Access sprawl accumulates slowly. By the time someone maps the full picture, the estate runs dozens of access paths without holistic governance. This makes OT remote access security incredibly difficult to maintain.

Why VPNs are part of the problem

The industry recognizes this flaw. A 2024 Cybersecurity Insiders report shows 92% of organizations believe VPNs jeopardize their security posture. The same report found 59% plan to adopt ZTNA manufacturing solutions within two years³. The gap between intent and implementation is where exposure lives.

Many leaders treat zero trust manufacturing as a simple product purchase. They think a VPN replacement manufacturing tool solves the issue. The access problem involves dozens of paths governed inconsistently across multiple continents. These environments face different regulatory requirements and varying levels of on-site IT capability. A single ZTNA product deployed in one region does not solve the risk of a contractor using a shadow IT tool in another region.

True security requires an architectural shift, moving from network-based trust to identity-driven, context-aware access controls. These controls must apply consistently regardless of the user, location or target application.

Managed zero trust architecture in practice

GTT treats zero trust as a managed architecture rather than a standalone deployment. Secure Connect SASE, including ZTNA, and managed firewall services operate from a common policy framework. This is centrally managed through the GTT Envision platform. GTT Envision is a platform that delivers centralized policy orchestration and real-time access telemetry across every user and site.

Operationally, access policies follow the user. An employee on the plant floor, a remote contractor and an OEM partner each receive precisely scoped access based on identity and context. Policies are enforced consistently across every site. Session telemetry is collected continuously. When a role or risk condition changes, the access adjusts automatically. GTT takes accountability for the full lifecycle. Handling policy management, deployment, monitoring and response across your global estate. We act as your partner in securing the network.

Adapting to the modern manufacturing workforce

The manufacturing workforce model relies heavily on third-party connections and remote work. The access architecture governing your operations needs to reflect that reality. Relying on legacy tools leaves your production systems exposed.

You need a centralized approach to manufacturing access control. Read our Zero Trust Everywhere solution brief to see how you can establish an identity-driven access foundation today.