Industry IT · Vancouver, BC

Manufacturing IT Support Vancouver | ERP, Plant Floor, OT/IT Coexistence

Manufacturing IT has two networks, not one. The business side runs ERP, CAD, and finance on predictable Windows infrastructure. The plant floor runs barcode scanners, shop-floor workstations, and whatever control systems the production line depends on. When the two get mixed up, or when patching cycles ignore the production schedule, a line stops. Hexafusion supports Vancouver and Lower Mainland manufacturers with OT/IT-aware infrastructure, 15-minute ticket response, and engineers who understand that uptime on the shop floor is not negotiable.

Manufacturing software and systems we support

OT/IT coexistence and plant-floor networking

Operational technology (OT) and information technology (IT) live on different schedules and tolerate different risks. We design and operate the IT side so it coexists cleanly with the OT side without either compromising the other. We do not directly manage SCADA, PLCs, or HMIs. We manage the boundary and the Windows systems that sit on it.

• Network segregation. Dedicated VLANs and physical separation where appropriate between business IT and plant-floor OT.
• Controlled data flows. Monitored, firewalled paths for required IT-to-OT traffic such as ERP-to-line data handoffs and historian pulls.
• Jump-host hardening. Windows systems used to access OT from the business network get a specific patch schedule, account hygiene, and logging profile.
• Wireless on the floor. Enterprise wifi designed for barcode-scanner and AGV reliability, not just office coverage.
• SCADA coexistence. We work alongside your automation integrator. We do not touch PLC code or HMI logic. Our role is to keep the IT environment around them safe and predictable.
• Change control. No plant-floor-adjacent IT changes during a production run without explicit plant-manager sign-off.

Privacy, compliance, and records retention

Manufacturers in BC operate under a layered regulatory picture. WorkSafeBC and the BC Occupational Health and Safety Regulation drive safety record-keeping. WHMIS 2015 sets out hazardous-products information, SDS retention, and worker-education documentation. The Environmental Management Act and federal Transportation of Dangerous Goods regulations cover environmental and shipping compliance. Manufacturers in the defence or dual-use supply chain may be registered under the federal Controlled Goods Program, which imposes security-organisation and access-control expectations on all controlled-goods-related data. We operate the IT controls that keep those records secure, segregated, and retrievable.

• Encrypted storage. Full-disk encryption on servers, workstations, laptops, and backups.
• Access logging. Who accessed which controlled-goods project folder, when, from which endpoint.
• Role-based access. Engineering, production, quality, finance, and admin roles separated, with CGP-scoped projects further segregated.
• Visitor and contractor controls. Separate network zones, short-lived accounts, and audit trails.
• Retention. Production, quality, WHMIS, and safety records retained per WorkSafeBC and applicable statutes.
• Reference. WorkSafeBC at worksafebc.com. Controlled Goods Program at tpsgc-pwgsc.gc.ca/pmc-cgp.

Workflow-respecting support

Production schedules drive our change windows:

• No patching adjacent to the production network during a shift without a change approval from plant leadership.
• After-shift and weekend windows for ERP, server, and network maintenance.
• Staging-first rollouts for ERP updates and workstation image changes.
• Pre-staged spare workstations and scanners so a failed endpoint does not stop a line.
• Shift-aware monitoring and alerting, so pages go to a plant contact, not to an office that closed four hours ago.

SLA commitments for Vancouver-area manufacturers

A line stop is expensive. Our commitments:

• Initial ticket response within 15 minutes.
• Emergency on-site Vancouver downtown within 1 hour.
• Emergency on-site Burnaby, Richmond, North Vancouver within 1 hour 30 minutes.
• Emergency on-site West Vancouver, New Westminster within 1 hour 45 minutes.
• Emergency on-site Coquitlam, Port Coquitlam, Port Moody, Delta within 2 hours.
• Emergency on-site Surrey, Langley, White Rock, Maple Ridge within 2 hours 30 minutes.
• Same-day resolution on Professional and Enterprise plans where Hexafusion manages the network, barring force majeure.
• Remote support immediate during the response window.

Why Vancouver manufacturers choose Hexafusion

Founded in 2020 by Alex Barari, a former PCI DSS Internal Security Assessor, Hexafusion brings enterprise-grade IT and cybersecurity to regulated mid-market operators. Manufacturers need an IT partner who understands change control, network segregation, and the difference between an office incident and a plant incident. Our engineers are Microsoft, Cisco, and CompTIA certified, we procure hardware as a Dell authorized partner, and we are based at 250-997 Seymour St in downtown Vancouver, within the response windows published on this page for most Lower Mainland plants.

We work alongside your ERP implementation partner and your automation integrator rather than around them. NetSuite, SAP Business One, or Dynamics 365 application issues route to the ERP partner. PLC and HMI defects stay with your controls integrator. Our lane is the IT around those systems: network, identity, workstation fleet, CAD/PDM infrastructure, backup, monitoring, and the hardened boundary between business IT and plant OT.

We serve BC businesses of every size, from a single-facility contract manufacturer to multi-site operations with mixed office, engineering, and shop-floor headcount. The controls, change discipline, and SLA do not change with size. Only the scope of the engagement does.

Common manufacturing issues we fix

• Plant-floor wifi dead zones. Survey, reconfigure, and add capacity so barcode scanners stop dropping mid-scan.
• ERP slowness at month-end. Database, indexing, or reporting-job scheduling. Profiled and tuned.
• CAD workstation bottlenecks. Graphics driver, licence server, or vault latency. Fixed at root.
• Scanner and label-printer chaos. Stable driver strategy, firmware alignment, and print-server health monitoring.
• Jump-host drift. Patching, account, and logging hygiene on the boundary Windows systems that touch OT.
• Supply-chain phishing. Email authentication, payer verification, and quarterly simulation given the attack volume in manufacturing.
• Backup silently failing. Audited, remediated, validated with quarterly test restores.
• Legacy Windows systems stuck on the floor. Isolated, hardened, and monitored when replacement is not an option short-term.

Frequently Asked Questions

Legacy systems, air-gapped operations, and Windows that cannot move

Almost every Vancouver manufacturer we meet carries at least one Windows system that cannot easily be upgraded. It drives a CNC, runs a vision system, or hosts a vendor utility the equipment-maker no longer supports on current Windows. The practical path is not to ignore it and hope, and it is not to force an upgrade that breaks the line. We segment those systems onto isolated VLANs, remove unnecessary network services, lock down USB and removable media, restrict accounts to what the application requires, and monitor the boundary for unexpected behaviour. Where the vendor eventually supports modern Windows, we help plan the upgrade against a production window that works for plant leadership rather than for IT.

Cyber insurance and supply-chain readiness

Larger customers and cyber insurers both increasingly audit their manufacturing suppliers for MFA coverage, backup immutability, network segmentation between IT and OT, EDR deployment, phishing training, and incident-response documentation. Supplier prequalification questionnaires on behalf of automotive, aerospace, and defence customers go further, asking about controlled-goods handling, visitor network controls, and secure remote access. We operate your environment to those standards and produce the evidence as a normal byproduct of the engagement: backup test-restore logs, authentication audit exports, network-segmentation diagrams, access reviews, and tabletop notes packaged for customer prequalification or insurer renewal without a last-minute scramble.

Related services

Manufacturing engagements usually include pieces from Managed IT Vancouver, Cybersecurity Vancouver, Cloud Services Vancouver, Backup & Disaster Recovery, and IT Supplier Vancouver.

Nearby industries we also support

Alongside manufacturers we support construction firms, accounting firms handling manufacturing clients, and financial services firms with high-security requirements.

Reviewed by Alex Barari, Founder, former PCI DSS Internal Security Assessor (ISA).