Energy & Utilities

Energy & Utilities

With the proliferation of connected technologies, energy companies face heightened cybersecurity risks that could compromise operational integrity, disrupt services, and pose significant safety concerns.

Device Authority offers proven IoT security solutions designed to address the unique challenges of the energy sector. Through advanced authentication, encryption, and access control mechanisms, Device Authority’s platform, KeyScaler, protects against cyber threats and safeguards sensitive data transmitted between IoT devices and energy systems. KeyScaler’s automated device identity lifecycle management tackles the challenges presented by the use of brownfield devices such as SCADA systems that are often bolted on to connected systems. It also supports organizations with complex connected environments and devices in hard-to-reach locations by offering secure Over the Air (OTA) updates eliminating and time-consuming service calls.

By mitigating risks associated with unauthorized access, data breaches, and operational disruptions, Device Authority empowers energy organizations to fortify their cybersecurity posture, maintain regulatory compliance, and ensure uninterrupted delivery of essential services.

Connected Energy Infrastructure Global Energy Provider Reduces Complexity and Achieves 278% ROI Connected Windfarm A Manufacturing Plant’s Success with Automated Privileged Access Management

Situation

A major energy corporation required a cloud platform to secure and manage devices connected to its critical infrastructure.​
Sensors collected and transmited data via IoT Edge gateways in real-time to the cloud to automate the operations of oil rigs and refineries, reporting important telemetry data such as pressure, temperature, leakage, and potential intrusion. ​
These devices required a strong root of trust and automated identity lifecycle management to secure communications to/ from the cloud over time.​

Solution

Device Authority KeyScaler was used to provide: ​

  • Identity Lifecycle Management for Azure IoT Edge Gateways and leaf devices.​
  • Seamless Integration with enterprise PKI services​
  • Zero touch Automated Device provisioning using X.509 certificates to DPS/ IoT Hub.​
  • Generation of device root of trust using DDKG

Summary

Faster time to value by using pre-built integrations to enterprise IoT platforms.​

Streamlined device security reducing admin burden and freeing up internal FTE resources.​

Integration to existing services through API's​

Automation prevents compromise

Accelerated incident response

Minimized customer disruption

Reduced liability

Situation

Device Authority was chosen by a global energy provider to implement Identity Lifecycle Management for their connected refinery infrastructure. Wanting to leverage Microsoft Azure solutions and connect their Corporate PKI for Enterprise Security consistency however there was an inherent level of complexity involved as they tried to formulate an enhanced Nested Edge deployment which could have proved costly.

Solution

Device Authority KeyScaler was used to provide:

  • Reduced complexity – Built-in connectors to leverage Corporate PKI while using the KeyScaler software infrastructure to automate, validate and sign certificate chain down to Leaf devices
  • Increased visibility – Ability to visualize the certificate, certificate policy and certificate validity across the entire device stack down to the Leaf device
  • Enterprise compliance – No compromise to the corporate policy with consistency of PKI across all aspects of the business​

Summary

Reduced error rates

Faster time to response

Enhanced IoT device visibility

$450,000 saving across 3 years

Situation

An operator of wind power farms needed to provide security for the multitude of sensors attached to each device across large arrays of turbines.​
These sensors provide real-time data critical to efficient operation of the turbines including peak wattage, wind speed and direction, individual turbine performance, and local weather data including lightning proximity – a danger for the windmills and the maintenance crews that service them.​
Simplified security management and connection to Microsoft Azure IoT were key requirements.​

Solution

Device Authority KSaaS platform was implemented with the following benefits: ​

  • SaaS delivery model eliminated costly infrastructure and management overhead​
  • KeyScaler provided automated PKI Services for IoT and complete Identity Lifecycle Management.
  • KeyScaler leveraged mTLS  on the devices to enable secure certificate provisioning, revocation and renewal.
  • KSaaS was used as an engine for Certificate Management via the simple API framework.

Summary

Standardized security solution

Eliminating human errors​

Multi-Tenancy service that streamlines support​

Reduced complexities

As part of its digital transformation strategy, a leading oil and gas company seeks to enhance operational efficiency, data visibility, and security in its oil fields. The organization aims to implement a robust data collection and transmission system using Azure IoT Edge gateways, leveraging the Purdue model for Industrial Control Systems (ICS) to ensure secure and efficient data exchange across its operational technology (OT) and information technology (IT) environments. By utilizing the Azure IoT Hub, the company plans to create a reliable, scalable, secure infrastructure that connects field devices to the cloud for real-time analytics and decision-making. The initial IoT devices will be Variable Speed Drives used for ESP control as well as various chemical injection equipment.

Challenges Faced

1. Manual Device Enrollment: Devices are not enrolled automatically, requiring manual intervention that delays deployment and increases the risk of errors.

2. Certificate Management: Certificates need to be provisioned manually, complicating the management process and leading to potential security risks.

3. No Automated Certificate Rotation: Certificates are not rotated automatically, exposing the organization to the risk of having an expired certificated that could cause service disruptions or compromised certificates.

4. High Maintenance Costs: The manual maintenance of device identities and credentials incurs high operational costs and resource demands.

Solution

To address these challenges, the company will implement Device Authority’s KeyScaler Platform to automate the device identity and lifecycle management:

  • Automated Device Registration: Utilizing the EST (Enrollment over Secure Transport) protocol, KeyScaler automates the device registration process, significantly reducing manual workload and associated errors.
  • Policy-Based Certificate Lifecycle Management: KeyScaler enables policy-based certificate lifecycle management, including automated provisioning, rotation, and revocation. This ensures that all devices maintain up-to-date and secure certificates throughout their lifecycle.
  • Automated Device Provisioning: The provisioning of devices into the Azure IoT Hub is automated, eliminating manual steps and minimizing the risk of human error.
  • Automatic Transfer of Parent – Child Relationships: KeyScaler automatically transfers the parent-child relationships of gateways to Azure IoT Hub, ensuring accurate hierarchy management and streamlined data flow.
  • Secure Key Transfer Mechanism: A secure mechanism for provisioning and transferring keys to the gateways will be established, enhancing overall security and reducing the risk of unauthorized access.

Summary

Enhanced Security

Simplified Device Onboarding

Scalability

Compliance and Governance

KSaaS

KeyScaler as a Service (KSaaS) is Device Authority’s award winning cloud-based delivery platform that revolutionizes IoT security offering a fully-hosted solution for managing device identities, access controls, and security policies.

Read more

KeyScaler AI

KeyScaler AI is a dedicated AI/Machine Learning module that focuses on enhancing device security, visibility, and incident response. KeyScaler AI’s direct connection to KeyScaler Central uses sophisticated AI/ML algorithms to automate certain aspects of a device identity lifecycle, such as frictionless onboarding, vulnerability management, anomalous behavior detection, and more.

Read more

Benefits at a glance

Secure legacy devices

Automation removes the need for manual intervention

Continuous authentication and assurance means ability to isolate devices at speed and scale

Protect edge and leaf devices

Offline/Online Device Lifecycle Management

Zero touch provisioning using X.509 Certificates

Get in touch

Contact Us