Engineers wearing PPE working at energy construction site

How an Energy Specialist Protected Their Partner's IP with Kingston IronKey

Nov 2022
Blog Home

Protecting Your Intellectual Property Is Fundamental in the Energy Industry

There are a few characteristics that make the energy sector especially vulnerable to cyber threats, making energy companies a rich target for cybercriminals. Utilities have an ever-increasing attack surface arising from their difficult-to-harden dispersed geographic and third-party supply chain relationships. The energy industry, like most others, has seen an increasing number of cyber-attacks on its intellectual property (IP) and business-critical data. These breaches can have a detrimental effect on organizations with negative press, reputational damage, financial implications, and loss of IPs to competitors. Combine this with regulations like GDPR and potential financial fines as a result of breaches. For all organizations, ensuring all endpoints are secure and can be audited is so important.

Challenge

A leading global specialist partner in the energy industry carried out an IT security assessment across their entire device portfolio. The current strategy allowed all employees to access company data and use any storage device they brought in and plug it into their network. The risk to the organization based on the current endpoint device management strategy was very high. Corrective action was therefore required to mitigate further risk of malware or intellectual property being saved on personal storage devices, removed from the organization, being lost, and/or falling into the hands of a competitor, which would be detrimental for the organization. They also reviewed what type of data employees may need access to via portable storage.

They decided that all office-based employees connected to the network could use SharePoint or similar cloud-based sharing tools to save and share data, which was approximately 60% of the work force. The remaining 40% of employees with field-based jobs would need to be able access the company data outside the Wi-Fi network when on site, on oil rigs for example. They would require an easy-to-use encrypted portable device. They needed to ensure that the new solution they rolled out could be approved and managed by their own endpoint management software. The energy industry specialist partner was also looking to set policies so that unauthorized storage devices cannot be used within their network and will be rejected by their endpoint management based.

The mechanical machine sector of the energy industry is quite niche and extremely competitive, so they knew it was important to roll out this new end point management strategy as quickly as possible to mitigate the risk of losing any intellectual properties, such as machine design patents.

Solution

IronKey VP50 standing vertically on a desk

To support the specialist energy industry partner with their request, we offered our free Ask an Expert service. During the initial call, we were able to establish exactly what the organization were trying to achieve with their new endpoint management project. After these meetings/calls, we were able to recommend a potential solution that would enable them to use their current active directory and deploy a user-friendly encrypted USB solution to their field services and engineering teams. It allowed them to have the perfect mix of business-grade security, scale, and cost.

Since one of their key requirements was the ability to provide approved encrypted USB drives to their employees, we achieved this by leveraging one of our customization program’s options to assign custom PIDs (Product ID) unique to their organization. This custom PID allowed their organization to approve this PID with standard end-point management software so that only the Kingston IronKey encrypted USB drives purchased for their organization will function at the endpoints. It means they will have control over what drives could be used within their organization and they had ability to audit all data files downloaded. It also means they will control who is using their end-point management software, protecting the organization’s IP and sensitive data.

By deploying our IronKey Vault Privacy 50 encrypted USB drives, the organization was able to implement a cost-effective user-friendly business-grade security USB drive for sensitive data on the move with AES 256-bit hardware-based encryption in XTS mode.

To support further security, flexibility, and offer peace of mind, the IronKey VP50 supports multi-password (Admin, User, and One-Time Recovery) options with Complex or Passphrase modes. This enhances the ability to recover access to the data if one of the passwords is forgotten. Traditional Complex mode allows for passwords from 6-16 characters using 3 out of 4 character sets. The new Passphrase mode allows for a numeric PIN, sentence, list of words, or even lyrics from 10 to 64 characters long. Admin can enable a User and a One-Time Recovery password or reset the User password to restore data access. Brute force attack protection locks out User or One-Time Recovery passwords upon 10 invalid passwords entered in a row and crypto-erases the drive if the admin password is entered incorrectly 10 times in a row.

This specialist energy industry deployed over 300 Kingston IronKey VP50 encrypted USB drives remotely via mail to their field-based employees in over 30 countries and achieved 100% usage compliance with very positive feedback on ease of use.

As a result, this energy specialist partner is ensuring that their endpoint management policy is more secure by blocking unauthorized USB Flash drives, helping to keep their intellectual property and sensitive date safe on hardware-encrypted drives. This roll-out has also ensured that their organization is complying with regulatory standards.

#KingstonIsWithYou #KingstonIronKey

Kingston’s Ask an Expert icon on a circuit board chipset

Ask an Expert

Planning the right solution requires an understanding of your project's security goals. Let Kingston's experts guide you.

Ask an Expert

Related Articles

Blog Home