The strain of timely compliance places an ever-increasing burden on most energy providers. The sheer volume of reporting required by state and federal agencies often absorbs resources desperately needed for other functions within a utility company. In addition, penalties associated with noncompliance are steep.
ConsoleWorks helps Utility Providers to protect themselves from cyber-security threats and meet NERC-CIP requirements, while at the same time improving the efficiency and effectiveness of daily Operations. The vision behind the ConsoleWorks is to automate as much of the daily cybersecurity and NERC CIP forensic documentation as possible in synch with the overarching compliance business processes used to ensure NERC CIP compliance.
Challenges
- Meeting strict regulatory requirements requiring real-time documentation on an ongoing basis. Audits are frequent.
- Delivering 24/7 service on a tight budget.
- Delivering quality service with minimal margin for error.
- Avoiding escalating penalties for non-compliance.
- Safeguarding the company and community against insider threats that could jeopardize customers, businesses, and reputation
- Establish secure access to assets for configuration monitoring and patch analysis
- Meeting NERC CIP-005, 007, 010, and 013.
ConsoleWorks in Action
- Discreetly monitor targeted IT or OT functions to ensure each user is working on an approved system at an approved time of day.
- Document every action taken by a user on tamper-proof logs accepted by NERC/FERC
- Provide real-time compliance logs (CIP-005, CIP-007, CIP-010) that simplify and confirm reporting accuracy.
- Review security events in real-time, meeting (exceeding) the minimum 90 days as required by recent NERC/FERC regulations.
- Automated Patch Analysis
Benefits
- Protect against potential malicious acts perpetrated by disgruntled employees, vendors or suppliers.
- Reduce risk associated with NERC CIP regulatory fines and penalties.
- Focus limited resources on solving technical challenges and enhancing customer service.
The ConsoleWorks platform which enforces end-user role-based-access to manage rights and privileges to both IT and OT assets, monitor and manage asset configurations and securely remote into assets. ConsoleWorks does this without requiring agents on endpoint assets.
One of the remote access capabilities that makes ConsoleWorks unique, is its ability to get direct access to the “leaf” device – automating the navigation through the hierarchy of assets to the endpoint. This feature not only simplifies access for a user, it is what gives ConsoleWorks the ability to perform many of the automated functions, like configuration monitoring and password management, on all devices under ConsoleWorks (not just those directly connected to ConsoleWorks).
ConsoleWorks Baseline Configuration Management feature is used to drive the collection of settings (relay settings, accounts, ports and services, etc), firmware dump and running memory dump, among other things. Once collected, ConsoleWorks BCM can run a comparison of current settings vs an established baseline of settings and notify if any changes are detected.
ConsoleWorks logs all the activity, with an enormous amount of detail, including logging of keystrokes and system responses, for audit and compliance purpose.
Coupled with its remote access, configuration monitoring, endpoint password management, and logging and monitoring capabilities, the ConsoleWorks platform provides the most comprehensive and integrated cybersecurity and operations platforms for both IT and OT.
ConsoleWorks gives us 24/7 proactive hardware & software monitoring while serving as the security piece of our NERC-CIP compliance practice.
You do not need to audit remote access and baseline again – you guys have it nailed!
Any utility company that installs ConsoleWorks is way ahead of the game when it comes to NERC CIP compliance. We’re happy with the support from TDi. When we need it, they are there.
