Industrial Security and Compliance
Address mounting regulatory pressure from government, corporate and legal
sources (NERC, SOX, CIDX, FDA and more)
Secure 24X7 availability and timely recovery
Secure access to plant data from the corporate environment
Secure remote access
Minimize the risk of threats and breaches from rapid growth of technology in
the plant
Plug the security holes on Windows platforms
Manage myriad hardware and software options
Minimize malicious intrusions
NERC Critical Infrastructure Protection - CIP - Compliance for Power
On March 24th 2006 the NERC voted to accept the 4th draft of the Critical
Infrastructure Protection standard as the final word on security for the Power
Industry. A second important development is that the schedule for expected
compliance was also finalized. This means two very important fundamental
issues are now in scope for the North American Electric Grid:
- Compliance with a specific security standard is now regulated
- The clock is ticking in the race to become compliant
Matrikon’s Industrial Security and Compliance Team is already working with
a number of utilities towards achieving NERC compliance. With 10 years
experience in process control security, infrastructure and best practice
development and deployment we are well suited to meet any needs our
clients may have in their efforts.
Matrikon always approaches security from 3-sides which encompasses technology,
people, and processes as they affect security. By adopting such a comprehensive
approach to security, Matrikon can assess any of your initiatives from policy
review to training programs to technological and physical security concerns.
And Matrikon is flexible enough to conduct any scope of assessment from ongoing
policy review to exhaustive system by system site audits and front-end
engineering through technical implementation.
Security Step 1 - Assessing the Situation
Matrikon solutions enable companies of all sizes to have secure access to
control data across their enterprise. Matrikon's Security Vulnerability
Assessment (SVA) Services provides process-based corporations with a strong
network and technological security roadmap that allows timely and secure access
to critical plant data for business decisions. It protects the Control
environment while obtaining or maintaining regulatory compliance whether it is
SOX, NERC, CIDX, or others.
In the often blurry area where the business LAN meets the control environment
the single most important aspect of a plant-level security audit is the need to
fully understand the different worlds of traditional IT and that of the DCS or
SCADA industrial IT requirements. Matrikon brings a 'total picture' perspective
to security audits independent of any particular DCS or automation vendor while
still following traditional 'IT-based' best practices.
Security Step 2 - Secure Process Environment
There are many companies that still use their business network for control
system communication, or they use a server with two network cards between plant
a business networks. The latest software threats are capable of penetrating
these designs and a better secure architecture is required. Together with our
clients, we have developed the Secure Process Environment and tested it in the
most demanding mission-critical manufacturing and process environments. A
robust and secure network infrastructure is the foundation for reliable
information systems. The design is meant to prevent unauthorized access to
systems, but promote access to information that drives your business. With a
Secure Processing Environment and Matrikon's Industrial Security and Compliance
team, you can be assured you have the greatest security, reliability,
performance and value from your production environment.
|