Authentication has a long way to go at industrial sites

Wednesday, 4 June 2003, 11:11 AM EST

All the advances being made in authentication are going to have to wait for the users to wash their hands and remove their hats before security can be strengthened at many industrial sites.

Such sites, including those in the energy, utilities and water industries, have safety regulations requiring workers to wear hard hats, according to Robin Goatey at St. Louis-based AmerenUE, an energy services company. "We're wearing face shields and masks, which eliminates facial scanning, with dirty and greasy hands that you can't fingerprint," Goatey said, and background noise is too loud for voice verification.

"There is no best practice for authentication in industry," he said, while the need for stronger authentication is growing because much of the old electromechanical relay logic used in Supervisory Control and Data Acquisition (SCADA) systems to control industrial plants has been replaced by computers that require new information security methods.

Still, the greatest threat to the nation's energy, utility and water plants, as with most information resources, is from internal sources, Goatey added, despite the occasional virus that disables controllers using the Windows operating system.

[ Read more ]

Related items


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th