Cybersecurity and information security are essential to protect critical infrastructure. In Europe, this segment includes the energy sector and we have seen an increase in network protection, due to attacks becoming more frequent, sophisticated, and severe. It is clear companies cannot afford to wait for cyber-attacks to affect their critical infrastructure. It needs to be defended actively as the threats evolve, and fortunately, the energy sector is rising to the challenge to meet these threats.
At the same time, the transition to digital is taking place within the Energy sector and the digital approaches have the potential to enhance information security and cybersecurity protection. The need for new business practices that enable departments to securely collaborate, share sensitive information, all alongside interoperability has never been more critical. A new demand for security solutions to strengthen information technology (IT) and operational technology (OT) measures by safeguarding data, networks, internal systems, as well as, buildings has been created.
The enormous pressure faced by energy companies to meet stringent security controls in order to ensure critical infrastructure is always protected has led many to rely on trusted identities. This security option brings a mobile experience, automation for a new level of user experience, all backed by a modern and advanced public-key infrastructure (PKI) technology. An end to end PKI platform enriched with secure mobile endpoints for strong authentication and email encryption use cases, and the ability to automate identity provision to machines, servers, printers and help secure digital transformation and security enhancement.
How is Smart ID securing critical infrastructure in practice?
Smart ID enables an international energy supplier with offices throughout Europe, Russia and North America, to utilize a self-service portal for the management of trusted identities, including the approval stages to assure governance, including those working in critical infrastructure. Employees can use trusted identities for desktop log-in, email encryption, remote access and other security applications.
Through the Smart ID Corporate PKI, this company can implement user-groups with different access levels, manage keys including archiving and deploying the user key history as well as implementing a backend-to-card secure messaging for the secure personalization of trusted identities within an unsecured environment. The provisioning of users’ decryption key on a mobile device via mobile device management (MDM) systems like Mobile Iron or Microsoft Intune, is also common, or via ITMS (e.g. ServiceNow) for automated enterprise certificate provisioning for both domain endpoints (machines and servers) and non-domain endpoints (dev-ops servers, mobile devices or networking devices).
This energy supplier also requires a secure “as a service” approach, where we at Nexus, or our partner, provides the critical service for our customers’ infrastructure. Our cloud services for the workforce allows our customers to focus on optimizing their business while we manage the PKI platform. We assure availability, coupled with continuous upgrades and maintenance. Furthermore, we allow the options to deploy a subordinate CA in your name, meet your specific needs regarding certificate policies or short-lived certificates, or keep your environment crypto agile through upgrades in key usage.
This applies to the energy sector very well, whether it is to enable trusted identities for physical cards, Yubico, servers, e-charging stations or smart tokens and virtual smart cards.
Published
01/10 2020
Smart ID is a proven solution within the energy and utility sector, with companies such as Uniper, Fortum and Hubject/Electrify America, enhancing control and security of trusted identities.
Want to get started? Contact us!