Authentication has a long way to go at industrial sites

Wednesday, 4 June 2003, 11:11 AM EST

All the advances being made in authentication are going to have to wait for the users to wash their hands and remove their hats before security can be strengthened at many industrial sites.

Such sites, including those in the energy, utilities and water industries, have safety regulations requiring workers to wear hard hats, according to Robin Goatey at St. Louis-based AmerenUE, an energy services company. "We're wearing face shields and masks, which eliminates facial scanning, with dirty and greasy hands that you can't fingerprint," Goatey said, and background noise is too loud for voice verification.

"There is no best practice for authentication in industry," he said, while the need for stronger authentication is growing because much of the old electromechanical relay logic used in Supervisory Control and Data Acquisition (SCADA) systems to control industrial plants has been replaced by computers that require new information security methods.

Still, the greatest threat to the nation's energy, utility and water plants, as with most information resources, is from internal sources, Goatey added, despite the occasional virus that disables controllers using the Windows operating system.

[ Read more ]

Related items


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th