How to secure Oil & Gas assets in the age of the IIoT - part two

Louise Davis

The best way to leverage technology is to seek out an AIM software that utilises secure encryption, robust databases, and the option to host data either on-premises or in the cloud. While security experts had concerns about cloud hosting when the technology was in its infancy, these days it has become exponentially more secure – arguably even more so than on-premise servers. With automatic security controls in place, companies don’t have to invest the time and effort in protecting their on-premise data. There are fewer vulnerabilities to third-party access, no risks of physical access and better overall resiliency to threats such as natural disasters or fire. Additionally, the technology behind the cloud is always current and evolving automatically – unlike the manual process of updating and maintaining an array of physical hardware.

Advancements in AIM technology for Oil and Gas operations have led to the availability of software that offers securely encrypted cloud-based hosting. In fact, there are now field-based software tools that make it possible to conduct and manage asset inspections directly from the field via mobile tablet. 

To ensure that your asset data is protected, seek out a software that provides:

  • Robust database with secure encryption. This can be on-premises or in the cloud. Ideally, this should be an industry-standard database such as Oracle that professional DBAs can be hired to manage, audit and secure if on-site, rather than a proprietary system created by the AIM software developers.
  • A designated security feature designed to control access to data, establish a hierarchy of user access designations and automate security countermeasures within the software. This feature should be fully customisable, allowing the operators to adjust security functions, user levels, etc., according to their unique needs and goals.
  • Seamless regulatory compliance to all major regulatory industry codes (including ASME, API, OSHA, etc.). The software should be able to generate a customised report tailored to the specific industry standard with the click of a button – and securely retain all relevant data in a clear and transparent audit trail.
  • Integration with Microsoft Excel. As the industry catches up with digitalisation, there is still heavy existing use of Excel by engineers in the field. However, leaving critical asset data in Excel leaves it vulnerable to access and manipulation. An AIM software with Excel integration can extract all of that data and lock it securely into the AIM database where it is protected from alteration.
  • The ability to support Transport Layer Security (TLS) 1.2, the current industry standard for secure connections which provides defence against exploits like BEAST, POODLE and DROWN.
  • Mobile application with integration. The app should complement, connect to and seamlessly integrate with the larger AIM software – this helps mitigate data entry and human errors.
  • A quarantine feature for mobile asset inspection tools – one that places a hold on all inspection data received from the field so it can be thoroughly checked for quality assurance. 

Operators should also ensure that the AIM software selected comes with comprehensive support – this should include professional consultation and assistance with implementation, to ensure that the legacy data is properly sorted and populated; comprehensive training services to ensure that operators are aware of the most effective and secure methods for utilising the software; and ongoing technical support to assist with, prevent and/or rectify any breaches or threats.

The author is Dave Maguire, Senior Advisor – Asset Integrity, Metegrity.



Recent Issues