Archive

Posts Tagged ‘MOBILE SECURITY’

SCADA Mobile !! – They must be joking

May 28, 2009 Leave a comment

A couple of posts that I read on SCADALIST sounded the alarm inside my head, for some time now I have been following the news/reports/analysis of SCADA web/remote access that is now becoming as standard feature in nearly all the new SCADA/DCS packages.

The posts which I quote below say that Orlando’s Iron Bridge water facility, actually allowed remote “Management” not just “Monitoring and reporting” from personnel HOMES and using Mobile notebooks !!..i would certainly like to take a look at their end point security and how they secured/audited the physical security of the personnel living rooms and bedrooms.

PS: the software used (WinCC SCADA software) developed/updated by Siemens , now supports Microsoft VISTA and comes with a pre installed MS SQL server.

“The reach of our networks has grown 10 times over in the last two years, as we’ve expanded our ability to monitor and manage the whole system 24/7 from just about anywhere using WinCC SCADA software.”

“Secure remote monitoring means I can respond to a trouble call in the middle of the night by simply tapping into any of the treatment facilities from home or wherever I am. It’s amazing,” said Mecabe

Full Article (HERE)

And then an article about SCADA – Blackberries

“Ed Yachimiak is the senior SCADA analyst at a large Midwestern utility. His company operates 35 sites, each with its own PI Historian from OSIsoft that gathers and aggregates control data for enabling better-informed business decisions. This platform architecture was augmented by the addition of mobile device dashboard technology from Transpara that enables anyone anywhere to gain visibility to role-defined information 24/7. “Information on plant status and power generation schedules is available on their Blackberries whenever they request it,” Yachimiak says.”

letting the security/confidentiality issues around the blackberry and (RIM) mail infrastructure aside , the post popped up a good question and that Is
Is this information available to energy traders too? coming from the oil and gas sector..I know that some oil and gas companies allow this type of mobile reporting..But what if one of these devices got lost somewhere ( No body is talking about corporate espionage/insider traders…etc) how bad can this leaked email/info affect the oil/energy market !!

Full article (HERE)