Upload
jim-mcgowan
View
132
Download
0
Embed Size (px)
Citation preview
www.CyberLock.com
Presented By
• The leading supplier of key-centric access control systems
• Based in Corvallis, Oregon
• America’s most innovative city*
2
• James T. McGowan
• Technology & security industry veteran
• Vice President of Sales & Marketing
* Most patents per 100,000 people as measured by scale-adjusted metropolitan indicators from the online journal of the Public Library of Science.
Presented By:
www.CyberLock.com
Objective
If you are involved in the
physical security of water management infrastructure . . .
this webinar is for you.
3
www.CyberLock.com
Security Challenges
• Geographically wide-spread installations
• Industry-specific infrastructure and equipment
• Minimal physical security ‘guidelines’
• High-profile target
Why is security so challenging for water districts?
4
www.CyberLock.com
The Metropolitan Water District of Southern California • 5,200 mi2 (13,000 km2)area • 14 cities/12 water districts • 18 million people
Challenge #1
5
The Geography of Water Is Extensive:
It takes a lot of territory to manage:
� Source � Distribution � Storage � Consumers � Treatment � Wastewater
Consider:
www.CyberLock.com
Challenge #2
6
Water Management Infrastructure & Equipment:
Innovative solutions are needed to secure unique equipment:
• Gates � Filters � Tanks • Pipes � Valves � Chemicals • Pumps � Reservoirs � Facilities
www.CyberLock.com
Challenge #3
• Few address water security: • Homeland Security Presidential Directives (HSPDs)
• HSPD 7: Critical Infrastructure Identification, Prioritization, and Protection (Makes EPA the lead)
• Executive Orders • 13636 – Improving Critical Infrastructure Cybersecurity (2013)
• Laws • Public Health Security and Bioterrorism Preparedness and Response Act (2002)
o Title IV: Vulnerability Assessments & Emergency Response Plans
• Guidelines • The Water Security Research & Technical Support Action Plan (2004)
• Security Practices for Operations and Management ANSI/AWWA G430-09
7
• Most regulations address water quality: • i.e. Clean Water Act (CWA), Safe Drinking Water Act (SDWA)
www.CyberLock.com
Challenge #4
Critical Infrastructure Is a Target
• High demand
• Low supply
• Needed/used by all
• High-impact target
8
www.CyberLock.com
Security Solution
Guidelines point to: “Access Control and Intrusion Detection”
• Creates a closed and secure watershed
• Secures spread-out assets
• Secures unique equipment
• Controls access
• Maintains records of key holder use
• Generates audit trails
• Affordable
• Scalable
A primary theme in the regulations is finding a solution that
detects, deters, and delays potential threats to the facility.
9
www.CyberLock.com
Security Options
• Mechanical Solution Master Key System
Delay
• Lock-Centric Solution Key Card System
Detect, Deter, Delay
• Key-Centric Solution Electronic Locks & Keys
Detect, Deter, Delay
10
www.CyberLock.com
What is Key-Centric?
Provides electronic access control to locks without power:
11
4 Components:
• Intelligent cylinders that replace mechanical cylinders
• Smart keys that hold permissions, store usage
information, and energize the lock • Access control management software that
drives the system
11
www.CyberLock.com 12
System Comparisons
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment Build As You Grow Beyond the Door Low Impact Install No Power Concerns Pick Resistant Key Control Scheduled Access Audit Trails
www.CyberLock.com 13
System Comparisons
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment Build As You Grow Beyond the Door Low Impact Install No Power Concerns Pick Resistant No Key Duplication Set Access Permissions Audit Trails
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X Build As You Grow X Beyond the Door X Low Impact Install X No Power Concerns X Pick Resistant Key Control Scheduled Access Audit Trails
www.CyberLock.com 14
System Comparisons
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment Build As You Grow Beyond the Door Low Impact Install No Power Concerns Pick Resistant No Key Duplication Set Access Permissions Audit Trails
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X Build As You Grow X Beyond the Door X Low Impact Install X No Power Concerns X Pick Resistant No Key Duplication Set Access Permissions Audit Trails
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X Build As You Grow X Beyond the Door X Low Impact Install X No Power Concerns X Pick Resistant X Key Control X Scheduled Access X Audit Trails X
www.CyberLock.com 15
System Comparisons
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment Build As You Grow Beyond the Door Low Impact Install No Power Concerns Pick Resistant No Key Duplication Set Access Permissions Audit Trails
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X Build As You Grow X Beyond the Door X Low Impact Install X No Power Concerns X Pick Resistant No Key Duplication Set Access Permissions Audit Trails
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X Build As You Grow X Beyond the Door X Low Impact Install X No Power Concerns X Pick Resistant X No Key Duplication X Set Access Permissions X Audit Trails X
Feature Mechanical Key
Lock Centric
Key Centric
Low Initial Investment X X Build As You Grow X X Beyond the Door X X Low Impact Install X X No Power Concerns X X Pick Resistant X X Key Control X X Scheduled Access X X Audit Trails X X
www.CyberLock.com
Key-Centric Overview
• Electronic cylinders are installed
• Smart keys are programmed and issued
• Access activity is downloaded & new schedules are uploaded
• Audit trails & reports are created and distributed
16
www.CyberLock.com
Key holders access locks
Schedules & permissions are set in software
Access activity is uploaded into software
1 3
5
Updating permissions and downloading access activity
occur simultaneously
Key-Centric In Action
Key holders update permissions via
downloading devices
2
Key holders download activity via downloading
devices
4
17
www.CyberLock.com
Locks
18
Replace Existing Cylinders
Features • Intelligent locks • Fit all kinds of lock housings • No power/wiring needed
• Power comes from key • High security options
Benefits • Install anywhere • Install on virtually anything • Secure remote assets • Delay & deter
www.CyberLock.com
Keys
19
Program & Distribute Smart Keys
Features • Key energizes lock
• Validates credentials • Holds schedules & permissions • Remembers every touch • Easy to reconfigure Benefits • Efficient use of keys (one key) • Deactivate lost keys • Only authorized personnel can
gain access • Detect & deter
www.CyberLock.com
Downloading Devices
20
Authorize Access
Features • Interface to software • Easy to update • Docking the key:
• Downloads audit trails • Uploads new system info
Benefits
• Made for wide-spread assets • Easy management of
employees & contractors
www.CyberLock.com
Software
21
View & Manage Access
Features • Set schedules & permissions • Monitor access events • Disable access • Provide one time access
Benefits
• Monitor access activity • Generate audit trails • Automate notifications • Detect
www.CyberLock.com
Review
Recommendations
• Perform a Vulnerability Assessment (VA)
• Create an Emergency Response Plan (ERP)
• Install a key-centric access control system
• Distribute smart keys and train your team
• Review and analyze access patterns and trends
• Adjust access control process and privileges accordingly
22
www.CyberLock.com
CyberLock
The Leader in Key-Centric Access Control • Proven:
• Launched in 2000
• Over 1 million CyberLocks installed in 50+ countries
• Flexible: • 300+ lock designs
• Multiple keys & downloaders
• Browser-based software
• Scalable: • Simple to install, easy to expand
• Supports 3rd party integration
23
CyberLock helps improve your ability to detect, deter, and delay threats to your system.
www.CyberLock.com
Seattle Public Utilities
Case Study: Seattle Public Utilities
• Application: Managing Access to Watersheds
• Challenge: To track and electronically document traffic in and out of facilities and watershed areas; to meet Federal Critical Infrastructure Guidelines for municipal water supplies
• Benefit: CyberLock helped secure all the entrances to the watershed that could not be serviced with automated gates due to no available power and communication lines; gave additional control over the access of contractors, employees, and researchers throughout the watersheds; facilitated compliance with Department of Health regulations & Federal Guidelines for securing critical infrastructure.
24
www.CyberLock.com
EPA’s Water Security Web Page: http://epa.gov/safewater/watersecurity y
The Water Security Research &
Technical Support Action Plan
Water Security Resources
25
AWWA Water Security Web Page: http://www.awwa.org/legislation-regulation/issues/utility-security.aspx
Security Practices for Operation and Management
www.CyberLock.com
For More Information
• On the web: www.cyberlock.com
• Via email: [email protected]
• Via phone: 541-738-5500
26