Pipeline Operators: How OnPing can be part of your Cybersecurity Strategy

The Transportation Security Administration (TSA) has defined several important ideas around avoiding, mitigating and recovering from Cyber Security Infrastructure attacks. The OnPing system has been designed to work well in high security network environments. Whether using the full power of OnPing as a cloud hosted SCADA system or using it in many other possible configurations, OnPing allows Cybersecurity professionals and IT professionals alike to tailor the access needed for system use. 

Below is an outline of the systems in OnPing and how they can help you mitigate the cyber threats

posed in todays complex environments.

What is OnPing and the Lumberjack?

First, here is a diagram of the core of the OnPing interactions between cloud and field devices. 

​​

The Lumberjack is a local only edge computer that runs all data stores on an encrypted drive. These are single purpose devices that serve as the aggregation point for all data that is sent into OnPing. 

OnPing is a suite of cloud services available to its users, these include:

  • Data hosting
  • Alarming
  • Control
  • VPN Access 
  • Custom Scripting
  • Remote Device Management
  • Mapping 
  • Machine Learning and Anomaly Detection
  • Over the air software deployment and management

The NIST Cybersecurity Framework lays out the key ideas to “improve cybersecurity risk management in critical infrastructure” 

The key ideas of the NIST framework are:

Identify

In order to properly defend against cybersecurity threats, it is important to be able to identify potential critical systems. OnPing undergoes security audits regularly to ensure that we know what systems are most critical to our infrastructure. OnPings analytic tools can also help you identify critical systems paths in your own operational technology. 

OnPing can help you answer questions like:

  • Which systems have the most key data points?
  • Which systems initiate the most control? 

Protect

When people think of cybersecurity this is the layer they think of the most. OnPing shines in this area. OnPing creates a well defined encrypted access point between your IT and OT infrastructure. 

All disks where data is stored are encrypted. OnPing allows security updates to be distributed in timely and consistent ways to each device in the system. All data is transmitted with client initiated and encrypted connections to our secure cloud servers. 

OnPing is secure but it can also help make your sites more secure. Our session based VPN allows you to provide controlled access to contractors or other 3rd party agents that might need to access your equipment for a limited period of time. Often these sorts of VPN connections are handed out for a contract period and then forgotten about. OnPing automatically disables them after a specified duration. 

Detect

If someone does penetrate your systems it is important to discover this quickly. OnPing uses multiple layers of technology to detect intruders. We use AI code analysis systems to detect malicious code insertion in our codebase. We have log monitors and access logs available for every system and server in our cloud. 

OnPing can also be used to help you detect suspicious activity in your systems. A few detection capabilities in the OnPing platform are:

  • Audit Logs for all OnPing interactions
  • Anomaly detection alerts 
  • Variance alarms
  • Change notification capabilities

Respond

We take cybersecurity incidents seriously and maintain a plan for disseminating breaches and limiting damage. Our dedicated staff provides us with the ability to respond to any breach that might occur. 

OnPing can help your team mitigate the damage in the event of a security breach at your own organization. First, we have dedicated professionals available 24/7 to respond to these threats quickly and capably. Second, we can isolate machines, networks, users and systems to limit their ability to do further damage. 

Recover

Our systems are all redundant and backed up. We understand how to do both limited scope and major disaster recovery. Our continuous deployment environment allows us to quickly deploy patches or data updates as needed to fix problems that are found.

OnPing can help you recover as well. Using our edge devices allows you to disconnect devices from the main network and then still recover data quickly. We can roll out new devices and restore with cloud backup. If you want we can even help you deploy firmware and other operational systems to recover from breaches.

I hope this overview helps you understand the various ways we strive to keep your systems safe and work internally to secure our own systems. Cloud infrastructure is a very different model to standard ideas about security. We believe that this model is more secure because it allows you to right size each system and force each part to do only what it should.