Authentication has a long way to go at industrial sites

Wednesday, 4 June 2003, 11:11 AM EST

All the advances being made in authentication are going to have to wait for the users to wash their hands and remove their hats before security can be strengthened at many industrial sites.

Such sites, including those in the energy, utilities and water industries, have safety regulations requiring workers to wear hard hats, according to Robin Goatey at St. Louis-based AmerenUE, an energy services company. "We're wearing face shields and masks, which eliminates facial scanning, with dirty and greasy hands that you can't fingerprint," Goatey said, and background noise is too loud for voice verification.

"There is no best practice for authentication in industry," he said, while the need for stronger authentication is growing because much of the old electromechanical relay logic used in Supervisory Control and Data Acquisition (SCADA) systems to control industrial plants has been replaced by computers that require new information security methods.

Still, the greatest threat to the nation's energy, utility and water plants, as with most information resources, is from internal sources, Goatey added, despite the occasional virus that disables controllers using the Windows operating system.

[ Read more ]

Related items


10 practical security tips for DevOps

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Mar 31st