The constant advances in smart grids combined with the proliferation of smart devices and improved data-driven energy efficiency are great news for utility companies. Yet, according to Intertrust’s Chief Commercial Officer & General Manager – Energy, Florian Kolb, this has also increased the risks posed by the security and reliability of data and devices connected to the broader energy system.
Smart grids are allowing utility companies to make smarter decisions, understand their customers better, and improve their profitability. As advances such as data virtualization unlock the full potential of secure utility data, smart grids are being powered by the improved availability of data collection, secure data processing, and sharing. Some of the challenges include the ever-present pressures of a competitive business environment, regulatory and social demands, and the constantly changing dynamics of electricity generation and sourcing.
The growth of Internet of Things (IoT) devices also presents utility companies an array of opportunities and challenges. The entry of companies like Google, Amazon, and most major electronics firms into the energy marketplace has fueled innovation and created a huge market for devices. It has expanded the potential for valuable data collection and secure data processing. However, the decentralized nature of smart energy grids and IoT networks has also created a massive security risk around the secure storage and sharing of data and the mitigation of potential data breaches caused by compromised devices.
The Challenges in Ensuring Secure Data Processing
Data collection, one of the pillars of smart grids, is a double-edged sword for utility companies. While on the one hand, it allows them to collect energy consumption and usage data—which helps them to adapt their models and improve user experience—it also creates significant risk in terms of how to securely transmit, store, and process that data.
This threat to secure data processing is greatly increased by the tens of billions of new avenues of attack that have been created through the explosion of IoT devices. While the upsides to greater use of secure utility data are clear, so are the potential consequences of attacks by hackers, including:
- Data being stolen or manipulated
- Intellectual property theft
- Regulatory fines
- Lost revenue through pirated services or lack of consumer trust
- Misuse or theft of devices (such as being harnessed for use in botnets)
- Unauthorized account access
However, in response to these threats, a number of counter-measures are being implemented to create a secure layer that can sit over datasets in order to keep them safe from attack.
Utility Data Virtualization and Security
One of the biggest changes in how utility companies store and process their data has been the development of technologies that allow the creation of virtualized datasets. Traditionally, data needed to be stored in data warehouses either on-premises or in the cloud, involving huge initial investment or high ongoing fees for third-party storage. However, these data warehouses still required transport and curation in order for the data to be processed. This presented a particular problem for utility companies that deal with widely diversified data inputs from devices and sensors.
By contrast and by design, data virtualization enables data to be collected into datasets to allow for processing wherever the data resides, cutting out the need for transportation and removing one of the biggest attack surfaces for hackers. Additionally, introducing a data-governance layer over these virtualized datasets allows for more fine-grained access control and data rights management. This secure data exchange platform is essential for ensuring regulatory compliance in terms of data privacy legislation such as GDPR, as well as empowering secure collaboration between numerous organizations with different relationships.
IoT Device Management and Secure Data Processing
IoT devices have changed how individual consumers go about their daily lives and have revolutionized the way that many companies do business through supply-chain optimization and improved customer service. These advances rely on IoT devices being able to securely interact with each other and efficiently share data.
This level of secure data processing can be achieved by creating trusted ecosystems and mutual authentication of devices. Device identity management works by provisioning individual devices with secure identities, either when they are created on the factory floor or are first installed. This identity then defines what kind of access the device has to the user’s ecosystem (e.g., to send usage data or to receive updates.)
For utilities and businesses, security and control are essential, and effective identity and access management depends on the use of public key infrastructure. Intertrust’s Seacert™ Certificate Authority provides industry-leading device security. It has already provisioned nearly 2 billion IoT devices with cryptographically secure identities that ensure a trusted connected ecosystem.
This allows businesses to perform secure data processing and analysis, confident in the integrity of their connected devices and the information they generate. Data is protected throughout its journey, from edge to cloud.
As they continue to scale their operations, energy and utility companies need to ensure that sensors, regulators, and other IoT devices can safely authenticate, communicate, and interact within evolving smart grid infrastructure. To find out more about securing energy IoT devices using next-generation PKI, read our in-depth brief here.
Secure data processing enables these companies to manage data operations around their mission-critical electrical grid data. With data virtualization, they can create secure datasets and share necessary data seamlessly with multiple stakeholders in the energy ecosystem in an agile process, using the best data security practices.
Stay tuned for part two of this series, where we dive deeper into the ways that secure data processing can help your business prosper.
About Shamik Mehta
Shamik Mehta is the Director of Product Marketing for Intertrust's Data Platform. Shamik has almost 25 years of experience in semiconductors, renewable energy, Industrial IoT and data management/data analytics software. Since getting an MSEE from San Jose State University, he’s held roles in chip design, pre-sales engineering and product and strategic marketing for technology products, including software solutions and platforms. He spent 6 years at SunEdison, once the world's largest renewable energy super-major, after spending 17 years in the semiconductor industry. Shamik has experience managing global product marketing, GTM activities, thought leadership content creation and sales enablement for software applications for the Smart Energy, Electrified Transportation and Manufacturing verticals. Shamik is a Silicon Valley native, having lived, studied and worked there since the early 90’s.