Oklahoma Municipal Power Authority Energizes Team’s Secure Remote Access with TAC

Oklahoma Municipal Power Authority Energizes Team’s Secure Remote Access with TAC

The Oklahoma Municipal Power Authority (OMPA) is a municipal joint-action agency created in 1981 for the purpose of providing an adequate, reliable and affordable supply of electrical power and energy to Oklahoma’s municipally owned electric systems. OMPA’s power supply comes from a variety of resources; wind, hydro, natural gas, coal and others. Fairview, Kingfisher, Laverne, Mangum, Pawhuska and Ponca City own small generating facilities, and when necessary OMPA schedules and purchases the generated power. OMPA presently serves 41 municipally owned electric systems across Oklahoma. As a consumer-owned public power entity, OMPA allows members the financial benefits of a large utility while enabling them to maintain control of their local electric utility.

 
municipally owned electric systems
0

The Oklahoma Municipal Power Authority (OMPA) is a municipal joint-action agency created in 1981 for the purpose of providing an adequate, reliable and affordable supply of electrical power and energy to Oklahoma’s municipally owned electric systems. OMPA’s power supply comes from a variety of resources; wind, hydro, natural gas, coal and others. Fairview, Kingfisher, Laverne, Mangum, Pawhuska and Ponca City own small generating facilities, and when necessary OMPA schedules and purchases the generated power. OMPA presently serves 41 municipally owned electric systems across Oklahoma. As a consumer-owned public power entity, OMPA allows members the financial benefits of a large utility while enabling them to maintain control of their local electric utility.

 
municipally owned electric systems
0

THE ENERGY SECTOR – AN ALLURING TARGET FOR CYBERATTACKS

The energy sector’s infrastructure provides an alluring target for cybercriminals and malevolent nation states looking to disrupt and damage operations. New technology inventions – such as Internet of Things (IoT) sensors, smart meters and cloud services – are being integrated across the energy sector with legacy hardware and software systems to provide more efficient delivery of power to consumers and enhance customer service. The problem is that patches on these dated legacy systems can’t keep up with the evolving threats, while the new innovations within the industry provide even more entry points for possible attacks.

The geopolitical attacks on utilities in the Ukraine in 2015 and 2016, including one in the capital, Kiev, showed the extent of damage that can occur from a cyberattack – not only by inconveniencing consumers, causing financial losses, and damaging the utility’s reputation, but also by fomenting civil unrest. Since then, high-profile attacks on power grids have continued, providing a stark relief to the significant vulnerabilities of traditional approaches to infrastructure security. The risks are so great to public safety and the environment that security is a top agenda item at board meetings for energy organizations around the world.

THE ENERGY SECTOR – AN ALLURING TARGET FOR CYBERATTACKS

The energy sector’s infrastructure provides an alluring target for cybercriminals and malevolent nation states looking to disrupt and damage operations. New technology inventions – such as Internet of Things (IoT) sensors, smart meters and cloud services – are being integrated across the energy sector with legacy hardware and software systems to provide more efficient delivery of power to consumers and enhance customer service. The problem is that patches on these dated legacy systems can’t keep up with the evolving threats, while the new innovations within the industry provide even more entry points for possible attacks.

The geopolitical attacks on utilities in the Ukraine in 2015 and 2016, including one in the capital, Kiev, showed the extent of damage that can occur from a cyberattack – not only by inconveniencing consumers, causing financial losses, and damaging the utility’s reputation, but also by fomenting civil unrest. Since then, high-profile attacks on power grids have continued, providing a stark relief to the significant vulnerabilities of traditional approaches to infrastructure security. The risks are so great to public safety and the environment that security is a top agenda item at board meetings for energy organizations around the world.

“with a workforce that is often spread to remote locations across our state, it is imperative that end users have easy, secure access to critical applications, wherever they are working.”

with a workforce that is often spread to remote locations across our state, it is imperative that end users have easy, secure access to critical applications, wherever they are working.

OMPA’S CHALLENGE – SOLID, SECURE REMOTE ACCESS

“Security is paramount for OMPA, but so is ease of use,” said James Crabbe, the Network Specialist at OMPA. “With a workforce that is often spread to remote locations across our state, it is imperative that end users have easy, secure access to critical applications, wherever they are working.” Prior to TAC, OMPA relied on a virtual private network (VPN) for remote access so users could send and receive data. But more and more frequently, Crabbe found, the VPN was down. Another issue was that end users across all departments were required to use only company issued devices – domain-joined machines that didn’t work sometimes, for instance, when a router went down. And even OMPA’s field radios, which use Cisco Earth, often couldn’t connect through the VPN because of authentication issues. These challenges led the Authority to seek an alternative to provide a more secure and reliable solution for remote access. After searching and evaluating various solutions for a year, OMPA turned to Total Access Control.

“Once we publish something locally in our environment, we can now extend it for remote access using TAC,” said Crabbe. “Our end users just have to go into a browser, pop in their credentials, and then they can access anything remotely just as if they are accessing it locally in the office.” TAC makes security simpler, stronger and more unified, offering customers an all-inclusive approach to secure access to valuable resources wherever they may reside, local or cloud. TAC brings together multiple security and access technologies – including VPN, SSL/VPN, SSO, Portal, Multifactor Authentication, MDM, Application Firewall, Cloud Access Control and more – into a single, scalable solution that manages access across the enterprise. OMPA can also use multiple factors for authorization within TAC based on context of access that go beyond traditional credentials such as username and password. OMPA can now set security policies within TAC that check many factors including the location of the remote access, device security, and whether the anti-virus and security certificate for the accessing device are up to date. If TAC determines an OMPA user’s credentials are valid but the context of access is untrusted, TAC can take several precautions, including restricting access to certain applications, disabling the ability of users to save files to their remote devices, or preventing them from using the clipboard. The intelligence

built within TAC serves as an arbiter to securely decide on the front end who gets access to what application at any given time. This insulates OMPA from the risks of security breaches while not crippling their end users, so they can still be productive from remote locations, whether at home or on the road throughout Oklahoma.

OMPA’S CHALLENGE – SOLID, SECURE REMOTE ACCESS

“Security is paramount for OMPA, but so is ease of use,” said James Crabbe, the Network Specialist at OMPA. “With a workforce that is often spread to remote locations across our state, it is imperative that end users have easy, secure access to critical applications, wherever they are working.” Prior to TAC, OMPA relied on a virtual private network (VPN) for remote access so users could send and receive data. But more and more frequently, Crabbe found, the VPN was down. Another issue was that end users across all departments were required to use only company issued devices – domain-joined machines that didn’t work sometimes, for instance, when a router went down. And even OMPA’s field radios, which use Cisco Earth, often couldn’t connect through the VPN because of authentication issues. These challenges led the Authority to seek an alternative to provide a more secure and reliable solution for remote access. After searching and evaluating various solutions for a year, OMPA turned to Total Access Control.

“Once we publish something locally in our environment, we can now extend it for remote access using TAC,” said Crabbe. “Our end users just have to go into a browser, pop in their credentials, and then they can access anything remotely just as if they are accessing it locally in the office.” TAC makes security simpler, stronger and more unified, offering customers an all-inclusive approach to secure access to valuable resources wherever they may reside, local or cloud. TAC brings together multiple security and access technologies – including VPN, SSL/VPN, SSO, Portal, Multifactor Authentication, MDM, Application Firewall, Cloud Access Control and more – into a single, scalable solution that manages access across the enterprise. OMPA can also use multiple factors for authorization within TAC based on context of access that go beyond traditional credentials such as username and password. OMPA can now set security policies within TAC that check many factors including the location of the remote access, device security, and whether the anti-virus and security certificate for the accessing device are up to date. If TAC determines an OMPA user’s credentials are valid but the context of access is untrusted, TAC can take several precautions, including restricting access to certain applications, disabling the ability of users to save files to their remote devices, or preventing them from using the clipboard. The intelligence

built within TAC serves as an arbiter to securely decide on the front end who gets access to what application at any given time. This insulates OMPA from the risks of security breaches while not crippling their end users, so they can still be productive from remote locations, whether at home or on the road throughout Oklahoma.

ONCE WE PUBLISH SOMETHING LOCALLY IN OUR ENVIRONMENT, WE CAN NOW EXTEND IT FOR REMOTE ACCESS USING TAC.

ONCE WE PUBLISH SOMETHING LOCALLY IN OUR ENVIRONMENT, WE CAN NOW EXTEND IT FOR REMOTE ACCESS USING TAC.

POLISHING CHROME FOR BETTER ACCESS

Unlike traditional approaches to RDP deployments, TAC enables OMPA to seamlessly check on the context of access for remote users before granting access to critical local and cloud applications. Enhanced security policies within TAC confirm users are who they claim to be, and whether the workstations or methods of communication being used remotely as endpoints can be trusted. “The HTML5 capabilities being rolled out in TAC will also be a big step up for us,” said Crabbe. “This is my favorite feature of TAC. Since our team uses Chrome devices, they won’t have to depend on an RDP client to open up applications anymore. Everything they need at home or on the road will be available through their browsers with TAC.” The OMPA team publishes SharePoint, Virtual Desktop Infrastructure (VDI), and legacy and

proprietary business line applications such as DocLink to TAC. Crabbe said a big advantage of TAC over traditional VPNs is the browser-based File Access feature that was developed by PortSys using HTML5 and responsive design. Previously, OMPA’s end users were not able to access Excel spreadsheets from remote locations. “TAC’s File Access provides OMPA a more efficient, streamlined approach for our end users to access information, without the security risks presented by a traditional VPN,” said Crabbe. “We can now optimize easy access through a browser for most of the file formats that we use at OMPA.” Context of access policies set within TAC allow Crabbe to enable or restrict the ability of users to edit or download files, regardless of where they are hosted within the organization’s infrastructure. “We like that TAC also offers the ability to provide users read-only access to files, for instance, if a request originates from an untrusted device,” said Crabbe. Authentication and security policies set by OMPA can block access or grant access on a read-only basis. Read-only allows authorized users to see files on an untrusted device, but still protects OMPA by preventing unauthorized users from downloading or editing mission-critical files.

“Our end users say file access through TAC is easier, because they can access what they need through a browser instead of an unreliable VPN,” said Crabbe. “Overall, TAC was easy to deploy, manage and maintain, and the support has been wonderful since we brought PortSys in two years ago.”

POLISHING CHROME FOR BETTER ACCESS

Unlike traditional approaches to RDP deployments, TAC enables OMPA to seamlessly check on the context of access for remote users before granting access to critical local and cloud applications. Enhanced security policies within TAC confirm users are who they claim to be, and whether the workstations or methods of communication being used remotely as endpoints can be trusted. “The HTML5 capabilities being rolled out in TAC will also be a big step up for us,” said Crabbe. “This is my favorite feature of TAC. Since our team uses Chrome devices, they won’t have to depend on an RDP client to open up applications anymore. Everything they need at home or on the road will be available through their browsers with TAC.” The OMPA team publishes SharePoint, Virtual Desktop Infrastructure (VDI), and legacy and

proprietary business line applications such as DocLink to TAC. Crabbe said a big advantage of TAC over traditional VPNs is the browser-based File Access feature that was developed by PortSys using HTML5 and responsive design. Previously, OMPA’s end users were not able to access Excel spreadsheets from remote locations. “TAC’s File Access provides OMPA a more efficient, streamlined approach for our end users to access information, without the security risks presented by a traditional VPN,” said Crabbe. “We can now optimize easy access through a browser for most of the file formats that we use at OMPA.” Context of access policies set within TAC allow Crabbe to enable or restrict the ability of users to edit or download files, regardless of where they are hosted within the organization’s infrastructure. “We like that TAC also offers the ability to provide users read-only access to files, for instance, if a request originates from an untrusted device,” said Crabbe. Authentication and security policies set by OMPA can block access or grant access on a read-only basis. Read-only allows authorized users to see files on an untrusted device, but still protects OMPA by preventing unauthorized users from downloading or editing mission-critical files.

“Our end users say file access through TAC is easier, because they can access what they need through a browser instead of an unreliable VPN,” said Crabbe. “Overall, TAC was easy to deploy, manage and maintain, and the support has been wonderful since we brought PortSys in two years ago.”

everything they need at home or at the road will be available through their browsers with tac

everything they need at home or at the road will be available through their browsers with tac

LOOKING TO THE FUTURE

Outside of the current internal end users, OMPA’s member municipalities still rely on their own VPNs to connect remotely with the Authority. However, with the recent launch of TAC’s HTML5 capability, Crabbe said that also could change in the future. “Right now, the only way for member municipalities to reach us remotely is through their own VPN,” Crabbe said. “But with TAC, in the future we should be able to publish our applications so they can securely access them through a web browser. TAC is more secure, we own it, and there aren’t any of the usual worries about back-end configuration to complicate matters. It is a big improvement that should have positive implications not just for our internal users, but also down the road for our member municipalities.”

LOOKING TO THE FUTURE

Outside of the current internal end users, OMPA’s member municipalities still rely on their own VPNs to connect remotely with the Authority. However, with the recent launch of TAC’s HTML5 capability, Crabbe said that also could change in the future. “Right now, the only way for member municipalities to reach us remotely is through their own VPN,” Crabbe said. “But with TAC, in the future we should be able to publish our applications so they can securely access them through a web browser. TAC is more secure, we own it, and there aren’t any of the usual worries about back-end configuration to complicate matters. It is a big improvement that should have positive implications not just for our internal users, but also down the road for our member municipalities.”

Oklahoma Municipal Power Authority Energizes Team’s Secure Remote Access With TAC

data sheet

Oklahoma Municipal Power Authority Energizes Team’s Secure Remote Access With TAC

You may be interested in these materials

Financial Services Firm Finds PortSys Total Access Control Addresses Risk-based Security 

ZS Solves Office 365 Security Issue with PortSys TAC

TAC’s Zero Trust Access Helps UK County Council Improve Productivity, Gain Granular Access Control

Total Access Control Provides Zero Trust Application Access for Financial Services Firm

University Hospital Gets the Most Out of Mobility with Total Access Control