A finger pointing at a floating graphic of a pylon with a lightning bolt on it in red

Protecting Critical Data in The Energy Sector with Kingston IronKey Encrypted Drives

Protecting data has never been more important

In the energy sector, there has been a growing number of attacks centered on the industry, its processes and on the data that it holds. Many of these breaches are often front-page news, not only impacting the functions of the organization, but also the customer, causing untold financial and reputational damage.

Add to this the cost of regulatory compliance and the financial penalties resulting from successful breaches, and it becomes clear that ensuring the security of all endpoints has never been more important.

Challenge

A major player in the EMEA energy space needed to ensure they could protect endpoints while also empowering employees to continue to use portable data, whether in the office or carrying out critical functions in the field. The existing solution was the use of unencrypted USB drives, a practice that was quickly identified as a vulnerability.

Given the unique circumstances of how energy companies operate, where employees don’t always have connectivity to their core business systems, enabling portable storage continues to be a critical business requirement.

This means that, although the solution may appear simple, there are other considerations to make sure these endpoints are secure, but not at the expense of usability for employees. The use of seemingly draconian and obtrusive security measures can lead to the use of workarounds that are less secure, cannot be tracked, and that open the doors to nefarious applications and viruses.

At the same time – it is always prudent to incorporate wider layers of protection to mitigate risks – if the worst were to happen.

Solution

IronKey VP50 protecting the energy company’s sensitive data

Using our free Ask an Expert service, we consulted with this high-profile customer and were able to recommend a solution that would strike the right balance of military-grade security, scale and cost.

Through this recommendation, we ensured that it was also not process-prohibitive to make sure that employees are storing and transferring data in a secure manner, while also keeping out malware and viruses, a process that was previously using up an exhaustive amount of time for IT functions.

Our IronKey VP50 and DT4000G2DM encrypted USB flash drives enabled the organization to implement an affordable business-grade security USB drive for data in transit with 256-bit AES hardware-based encryption.

For best cost-efficiency, we were able to structure different levels of security based on the perceived risk to the organization, with our IKVP50 providing FIPS-197 level protection, scaling up to our DT4000G2DM for the highest level of protection with FIPS-140-2 Level 3, for the most critical data.

Regardless of which product was used, both had the ability to lock down and reformat the drive after 10 incorrect attempts in the event of unauthorized access.

As an extra measure, all drives were able to facilitate secure use of USB ports and to prevent the use of unsecure workaround processes, through whitelisting. Since this was also a specific requirement, our drives’ ability to integrate with a centralized management process means they have full control and audit of what is being transferred, and by whom, enabling them to lock down, at scale, if any threats are detected.

As a result, this energy provider is ensuring that their endpoints are secured against sophisticated attacks and that their data is secure, while ensuring compliance with regulatory standards.

#KingstonIsWithYou #KingstonIronKey

Kingston’s Ask an Expert icon on a circuit board chipset

Ask an Expert

Planning the right solution requires an understanding of your project's security goals. Let Kingston's experts guide you.

Ask an Expert

Kingston IronKey Articles

Related Articles