Electric Utilities Identity Management
Identity and access management design
The National Cybersecurity Center of Excellence (NCCoE) has published an example solution architecture guide that electric utilities and enterprises can use to more securely and efficiently manage access to the networked devices and facilities on which power generation, transmission, and distribution depend. To better protect power generation, transmission, and distribution, electric utilities need to be able to control and secure access to their resources, including operational technology (OT) systems, buildings, equipment, and IT systems. Identity and access management (IdAM) systems for these assets often exist in silos, and the employees who manage these systems lack methods to effectively coordinate access to devices and facilities across those silos. This inefficient process can result in security risks. The guide to Identity and Access Management can help organizations:
- adopt products and capabilities on a component-by-component basis, or as a whole, thereby minimizing impact to the enterprise and existing infrastructure
- reduce the risk of malicious or untrained people gaining unauthorized access to critical infrastructure components and interfering with their operation, thereby lowering the overall business risk
- allow for rapid provisioning and de-provisioning of access from a converged platform, so that personnel can spend more time on other critical tasks
- improve situational awareness: proper access and authorization can be confirmed through the use of a single, converged solution
- improve the security posture by tracking and auditing access requests and other IdAM activity across all networks
- enhance productivity of employees and speed delivery of services, and support oversight of resources
A foundation of cybersecurity is the principle of least privilege, defined as providing the least amount of access (to systems) necessary for the user to complete his or her job. To enforce this principle, the access-control system needs to know the appropriate privileges for each user and system. An analysis of the IdAM solution reveals two components that need to be protected from both external and internal threat actors: the central identity and authorization store and the authorization workflow management system. The authorization workflow management system is trusted to make changes to the central identity and authorization store. Therefore, any inappropriate or unauthorized use of these systems could change authorization levels for anyone in the enterprise. If that occurred, the enterprise would experience a lack of integrity of the identity and authentication stores. The central identity and authorization store is the authoritative source for the enterprise and holds the hash for each user password, as well as the authorizations associated with each user. Access to this information would enable an unauthorized user to impersonate anyone in the organization. In this situation, the enterprise would lose control over access to resources.
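As an added example (not code from the NCCoE guide or from IdRamp), the following reconciliation check illustrates the integrity concern above: it replays the workflow management system's approved change records over a baseline snapshot of the central authorization store and flags any authorization the store now holds without an approving record, as well as approved changes the store never applied. All user names, resources and records are constructed, and the record layouts are assumptions.

```python
# Added example (not from the NCCoE guide or IdRamp): reconcile the central
# authorization store against the workflow system's approved change log, so
# that a privilege that appeared without an approved request is flagged.
# All data below is constructed; the record layouts are assumptions.
from collections import namedtuple

Grant = namedtuple("Grant", "user resource privilege")

# Store contents as of the last verified reconciliation (constructed).
BASELINE = {
    Grant("alice", "scada-hmi-01", "operator"),
    Grant("bob", "substation-gw-07", "read"),
    Grant("carol", "badge-door-b2", "enter"),
}

# Approved change records from the workflow system (constructed):
# (action, grant, approver, ticket).
APPROVED_CHANGES = [
    ("grant", Grant("bob", "substation-gw-07", "write"), "mgr-ops", "REQ-1041"),
    ("revoke", Grant("carol", "badge-door-b2", "enter"), "mgr-fac", "REQ-1042"),
]

# Store contents now (constructed): carol's approved revoke never landed, and
# dave holds an admin grant on the store itself that no record explains.
CURRENT = {
    Grant("alice", "scada-hmi-01", "operator"),
    Grant("bob", "substation-gw-07", "read"),
    Grant("bob", "substation-gw-07", "write"),
    Grant("carol", "badge-door-b2", "enter"),
    Grant("dave", "central-idam-store", "admin"),
}

def expected_state(baseline, changes):
    """Replay approved changes over the baseline: the state the store should hold."""
    state = set(baseline)
    for action, grant, _approver, _ticket in changes:
        if action == "grant":
            state.add(grant)
        elif action == "revoke":
            state.discard(grant)
        else:
            raise ValueError(f"unknown workflow action: {action}")
    return state

def reconcile(baseline, changes, current):
    """Grants present without approval, and approved changes the store does not reflect."""
    expected = expected_state(baseline, changes)
    return {"present_without_approval": sorted(current - expected),
            "approved_but_missing": sorted(expected - current)}
```

Any entry under present_without_approval is an integrity finding to investigate in the store and the workflow system's own audit trail, not something to silently remove.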
Operationally, a lack of a converged IdAM platform can increase the risk of people gaining unauthorized access to critical infrastructure components. Once unauthorized access is gained, the risk surface increases, as does the opportunity for the introduction of additional threats to the environment, such as malware and denial of service. At the strategic level, consider the cost of mitigating these risks and the potential return on investment in implementing a product (or multiple products). You may also want to assess whether a converged IdAM system can help enhance the productivity of employees and speed delivery of services, and explore whether it can help support oversight of resources, including IT, personnel, and data.

The example solution addresses imminent operational security risks and incorporates strategic risk considerations. The solution is made of many commercially available parts. You might swap one of the products for a solution that is better suited to your environment. A combination of some of the components described, or a single component, can improve your identity and access/authorization functions without requiring you to remove or replace your existing infrastructure. The guide provides both a complete end-to-end solution and options that you can implement based on your needs.

IdRamp provides a lightweight, agile integration fabric that enables the enterprise to converge IdAM silos with state-of-the-art access control and MFA orchestration within a modular solution architecture. To learn more about how IdRamp can simplify implementation and strategic IdAM planning, please contact us today.