If you don’t know what’s on your network at all times — if you can’t control what gets on — you put that network and the assets behind it at risk. That is true in any industry, but nowhere are the stakes higher than in critical infrastructure — the electric grid, oil and gas pipelines, water treatment plants, and other key enablers of modern life that people take for granted unless something goes wrong.

Many critical infrastructure equipment and control systems are now part of IP networks, with all the advantages that result (process efficiencies, greater agility, remote monitoring/maintenance, lower costs, etc.). But these same IP networks also make Industrial Control Systems (ICS) more vulnerable to cyber attacks from compromised endpoint devices and unauthorized users.

Recent attacks have made network security top of mind for ICS administrators and others responsible for protecting this infrastructure. A recent congressional survey of more than 100 companies accounting for much of the nation’s power system, found that more than a dozen companies reported “daily,” “constant” or “frequent” cyber attack attempts, with one company reporting it was the target of about 10,000 attempted cyber attacks monthly.

To address these threats critical infrastructure providers need to utilize traditional IT security technologies, such as network access control (NAC) and mobile device management (MDM), to help minimize the threats they face.

NAC solutions, for example, provide endpoint visibility and access control based on pre-defined security policies. These solutions identify every user and his or her device as its attempts to join the network, ensure it’s compliant, and give network access for which it is authorized. NAC will block a device its unknown, non-compliant or rogue and detect and respond to suspicious post-connect activity such as when someone unplugs an authorized device and tries to replace it with something else in order to gain access. This complete endpoint visibility and real-time access control can be applied to any device with an IP address, whether a laptop, a printer, or a control system for a nuclear reactor.

NAC aligns closely with regulations put in place by The North American Electric Reliability Corporation (NERC) — the entity that regulates the reliability standards for power and utility companies. NERC recently updated its regulations to address the risk of cyber attacks and make compliance requirements stricter. Of the NERC standards, Critical Infrastructure Protection (CIP) addresses the security of electronic perimeters and protection of critical assets.

Lock Down Your Critical Infrastructure — And Be Able to Prove It 

We now live in a world where almost every device could conceivably connect to your network. With so much at stake, you need complete endpoint visibility and real-time access control to block unsafe devices from the network and make sure that authorized devices go only where they belong. That’s why more and more energy and utility companies rely on NAC to ensure the integrity of their networks, comply with regulations and keep the lights on, our houses heated, the water flowing and provide the other vital needs we all depend on.

Tom Murphy is Chief Marketing Officer at Bradford Networks.