OT/IT Cybersecurity | Phishing Awareness | IT Support for Manufacturers Salt Lake City
Introduction
Spring is a high-volume hiring season for manufacturers. Production ramps up, headcount increases, and new employees arrive on the floor and in the office with limited context about how your operation works, who the decision-makers are, and what normal communication looks like. That disorientation is a resource attackers actively exploit. Research shows that new hires are 44% more susceptible to phishing attacks than their longer-tenured colleagues — and that CEO or management impersonation is 45% more effective against employees in their first weeks on the job. For a manufacturer, the entry points include ERP systems, email, and increasingly, operational technology interfaces.
Why New Manufacturing Employees Are High-Value Targets
The new-hire vulnerability is not about intelligence or technical skill. It is about context. A new operations staff member does not yet know:
- How your plant manager or operations director typically communicates urgent requests.
- What legitimate SAP or Epicor support communication looks like.
- Which vendors are approved and how they contact your purchasing team.
- Who to ask if something seems off.
Attackers impersonate plant managers, IT support teams, and ERP vendors. They manufacture urgency — a supplier payment is overdue, a production system needs immediate credential verification, a shipment is at risk. New employees, eager to perform well and not cause problems, are more likely to comply without verifying.
What a New-Hire Phishing Attack Looks Like in Manufacturing
Consider this scenario: A new purchasing coordinator receives an email appearing to be from the operations director. It says a supplier invoice needs to be processed immediately or a critical component shipment will be held. The email looks real — name, title, even a plausible-sounding urgency. The new coordinator, three weeks on the job, processes it.
Or: A new IT helpdesk contact is asked by a production floor employee to reset a SAP credential via email. The requester is not who they say they are, but the new IT staff member has no baseline for verification procedures yet.
Shop floor employees are a particular vulnerability in manufacturing environments because they typically have less security awareness training than office staff, but they often have access to production systems, quality management platforms, and ERP modules relevant to their work.
Three Controls That Protect Your Operation
1. Configure Access Before the First Day
Role-based access control means new employees get exactly the system permissions their job requires — and no more. A new production line operator does not need access to financial modules in your ERP. A new administrative hire does not need access to CAD file repositories. Provisioning access by role, before day one, reduces both the attack surface and the damage if credentials are compromised.
When an employee leaves or changes roles, access should be revoked or adjusted immediately. This is a basic IT control that many manufacturers still do not enforce consistently.
2. Show New Employees What Normal Looks Like
During onboarding, spend time walking new hires through examples of legitimate communication from your ERP vendor, your IT provider, and your leadership team. Explain explicitly how urgent financial requests are handled at your organization — and that legitimate requests will always go through an established verification process, not a one-off email.
For shop floor employees, this can be a brief, practical session focused on the specific systems they use. It does not need to be a lengthy cybersecurity course.
3. Establish a Clear Point of Contact for Security Questions
Every employee — from the production line to the purchasing department — should know exactly who to contact if they receive a suspicious message. Make it easy. The goal is to create a culture where pausing to verify is the norm, not the exception. A new hire who checks before clicking is worth far more than one who complies without thinking.
The Shop Floor Is Part of Your Security Perimeter
In manufacturing environments, cybersecurity often focuses on IT infrastructure and ERP systems. But the shop floor — where employees interact with production equipment, QMS platforms, and occasionally connected operational technology — is also part of your attack surface. As OT and IT continue to converge, the people who work at those intersections are increasingly relevant to your security posture.
Frequently Asked Questions
Q: Our shop floor employees don't use computers much. Is phishing really a risk for them?
Increasingly yes. Modern manufacturing environments involve more connected devices, tablets, and ERP terminals on the production floor than they did a decade ago. Even employees with limited computer use are often registered users on systems with access to production data. A phishing attack does not need to be sophisticated to compromise those credentials.
Q: How do we know if a phishing attack has already affected our organization?
Indicators include unexpected ERP login alerts, changes to vendor payment information that no one authorized, unusual access to CAD files or production data, or a new employee reporting a suspicious message after complying with it. A managed IT provider can monitor for these indicators in real time, including outside business hours.
Q: We have IT staff. Why would we need an MSP to help with phishing protection?
Internal IT staff are valuable — but they have capacity limits. An MSP provides 24/7 monitoring, phishing simulation tools, and security awareness training programs that most internal teams cannot maintain on their own budget and headcount. The combination of internal IT and a managed security layer is more effective than either alone.
Protect Your Operation Before the Next New Hire Starts
We work with Salt Lake City manufacturers to protect production systems and reduce operational downtime. If you're scaling up this spring and want to make sure your onboarding process includes proper access controls and security training for new employees, let's talk.
