Best cyber security practices for asset owners of solar & wind

pexels-photo-411592Concerned about the hacking activity on the internet?

It seems like everyday many organizations are being breached, data is leaked and intellectual property is impacted by malicious activity on the internet. Now more then ever it is important that asset owners of solar & wind facilities take extra measure and apply best practices to keep their data and assets secure. A hacker could potentially gain access to your network and manipulate or steal your data and at worst even turn off your inverters or cause damage to your operating assets.

If you are an owner/operator or an independent power producer, we recommend 3 basic steps to mitigate against cyber security threat levels.

1 – Staff:

Keeping your staff well educated and informed is critical. The no.1 cause of breaches is carelessness among your employees. Firewalls, antivirus and anti spam system no matter how sophisticated can easily be bypassed with a simple click on a bad link leading to your computer and the entire network getting compromised. Enroll your staff in cyber-security webinars and online courses to learn about the latest penetration techniques used by hackers. Your employees computers should be patched and kept current to protect against vulnerabilities.

2 – Access:

Your facilities network should be isolated with network traffic limited to one way only. In other words, the plants should only be accessible from specific location and data can only go from the plant’s office. Traffic going the other way should be blocked. Deep packet inspection should be setup with intrusion prevention systems enabled and monitored by IT.  Alarms should be set in place for unusual activity on the network and the facilities.

Keep your physical facilities secure and monitored 24/7. This includes your farms, data centers and offices. We are stating the obvious here but many companies don’t have sufficient security in place to protect their physical environment. Anyone can walk in and plug in a USB stick that can compromise the facilities or data centers.

3 – Assessment:

It is recommended that you go through assessment program to identify weaknesses and vulnerabilities in your network. Their are many government and private programs such CSET that provides you an evaluation tool that will guide you through the process. Additionally you can work with service providers or partners that can conduct a third-party assessment. Arbox Renewable Energy a software company that provides asset management software to owner operators of solar and wind facilities provides complimentary cyber-security assessment. To learn more contact info at arbox.com

Also read: Top 5 cyber-security best practices for independent power producers & small utilities

Contact us to see a demo of Arbox Hap