Brad Voris describes a project at the world’s largest supermarket chain where he was tasked with moving flat, unaudited industrial-control networks, running on Windows 98 and controlling milk temperatures, toward a zero-trust model. Working with OT engineers who simply asked for “VPN,” he uncovered deeper needs for segmentation, modern authentication, logging, and accountability. The stakes were high: an undetected temperature change could spoil product or trigger fires, sickening or killing consumers. By layering conditional access, MFA, JIT workflows, and monitoring onto the environment, the team gained visibility without crippling operations, while physical-security gaps were flagged for future remediation.
Key points roundup:
- Legacy OT environment: flat network, no logs, basic AD, Windows 98 controllers on dairy tanks.
- Stakeholder misalignment: management wanted VPN only; engineers wanted ease of use plus segmentation and audit.
- Health risk: unauthorized temperature changes could boil milk, foster bacteria, or cause fires.
- Zero-trust controls delivered: conditional access, MFA, device policies, JIT ephemeral access, Azure AD integration.
- Remaining gaps: physical segmentation and building access still need work.
- Core lesson: frame security in business terms (cost, downtime, liability) to win buy-in and drive accountability.
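The monitoring and JIT-access layer described above can be sketched in code. The following is an added example, not code from the talk or from the supermarket project: it keeps a ledger of time-limited JIT grants and audits each tank setpoint change in a controller log against two questions a defender cares about (was the change made under an active, ticketed grant, and is the new setpoint inside the safe holding band). The log format, asset names, user names, temperature band and ticket numbers are all constructed for the example.

```python
"""Added example: audit dairy-tank setpoint changes against JIT grants.

Not from the original page. Log format, names, thresholds and tickets are
constructed for illustration.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Tuple

# Holding band for chilled milk, in degrees C (constructed values).
SAFE_MIN_C = 1.0
SAFE_MAX_C = 4.0


@dataclass(frozen=True)
class JitGrant:
    """A just-in-time, ephemeral grant for one user on one asset."""
    user: str
    asset: str
    start: datetime
    ttl: timedelta
    ticket: str  # change ticket the grant was approved against

    def active_at(self, t: datetime) -> bool:
        # Half-open interval: the grant expires exactly at start + ttl.
        return self.start <= t < self.start + self.ttl


@dataclass(frozen=True)
class SetpointChange:
    ts: datetime
    user: str
    asset: str
    old_c: float
    new_c: float


# Constructed controller log format:
#   <ISO timestamp> <asset> user=<user> setpoint <old>-><new>
LOG_RE = re.compile(r"^(\S+) (\S+) user=(\S+) setpoint ([\d.]+)->([\d.]+)$")


def parse_log(text: str) -> List[SetpointChange]:
    """Parse the constructed log format, skipping blank or malformed lines."""
    changes = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ts, asset, user, old_c, new_c = m.groups()
        changes.append(SetpointChange(datetime.fromisoformat(ts), user, asset,
                                      float(old_c), float(new_c)))
    return changes


def audit_change(change: SetpointChange, grants: List[JitGrant]) -> List[str]:
    """Return findings for one change; an empty list means it looks legitimate."""
    findings = []
    covered = [g for g in grants
               if g.user == change.user and g.asset == change.asset
               and g.active_at(change.ts)]
    if not covered:
        findings.append(f"no active JIT grant for {change.user} on {change.asset}")
    if not (SAFE_MIN_C <= change.new_c <= SAFE_MAX_C):
        findings.append(f"setpoint {change.new_c:.1f} C outside safe band "
                        f"[{SAFE_MIN_C}, {SAFE_MAX_C}]")
    return findings


def run_audit(log_text: str, grants: List[JitGrant]) -> List[Tuple[SetpointChange, List[str]]]:
    """Audit every setpoint change in the log; keeps clean entries so the
    output is a complete accountability trail, not only the alerts."""
    return [(c, audit_change(c, grants)) for c in parse_log(log_text)]


# Constructed sample input: one ticketed grant and three logged changes.
GRANTS = [
    JitGrant("ot.alice", "TANK-07", datetime(2024, 5, 1, 8, 0),
             timedelta(hours=2), "CHG-0001"),
]
SAMPLE_LOG = """\
2024-05-01T09:00:00 TANK-07 user=ot.alice setpoint 3.5->3.0
2024-05-01T14:30:00 TANK-07 user=ot.bob setpoint 3.0->3.2
2024-05-01T23:10:00 TANK-07 user=ot.bob setpoint 3.2->35.0
"""

if __name__ == "__main__":
    for change, findings in run_audit(SAMPLE_LOG, GRANTS):
        status = "OK" if not findings else "; ".join(findings)
        print(f"{change.ts.isoformat()} {change.asset} {change.user}: {status}")
```

The second and third log lines both lack a grant, but only the third also leaves the safe band, so it carries two findings; keeping the clean first line in the output is what gives engineers the accountability trail the talk argues for, rather than an alert feed alone.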