Strengthen the security of physical, digital infrastructure

In the propane industry, we have security risks at every turn.

We are used to talking about security awareness training for hazmat workers and site security plans to comply with the Department of Transportation. We have security threat assessment requirements for hazardous material endorsement holders to complete and renew through the Transportation Security Administration. We also have the Chemical Facility Anti-Terrorism Standards by the U.S. Department of Homeland Security.

As technology continues to advance, threats are everywhere and anywhere and can happen at any time. Any breach impacts your business financially and can jeopardize the well-being of employees and customers. Taking time to think about your security plans, both physical and digital, can make a difference in keeping your facilities and data safe.

Physical security

Physical security should protect facilities and safeguard the equipment as well as the data and software they contain, keeping unauthorized people out and allowing access to authorized people.

We typically think of physical security as fencing, gates, locks, structures and controlled entries. As effective as they can be, it is easy to forget that we also need to physically protect equipment and data. A physical security plan should combine hardware and technology. Considerations include:

• Site layout.
• Reliable power.
• Emergency response.
• Intrusion detection.

Physical security sometimes goes unobserved, as the attention goes to support digital concerns like hacking, computer viruses and spyware. Even though a breach in the building seems less likely, you have to be prepared for incidents such as accidents, power failures and natural disasters, which in the long term are certain.

Consider storing data off-site or at multiple sites with backup data to lessen your risk.

Cybersecurity

Cybersecurity means protecting data, networks and programs from digital attacks. Many companies provide this protection with software to secure information and protect against computer viruses.

Hackers use malware to exploit weaknesses in your software and hardware. Hacking is a way of penetrating your computer systems and interfering with their functioning. Cybercrimes can occur directly or by spreading viruses through targeted computers. These viruses can make a computer, network or even appliances or equipment unavailable to you. They can suspend temporarily or even permanently the connection to the internet.

Hackers can wait weeks or even months before triggering ransomware – all the while monitoring and navigating through your networks, trying to gain more access and control of your system and data. When triggered, ransomware can bring operations to a standstill and compromise the security of your data, which also likely contains customers’ personal information.

This is why you need to take physical and digital security seriously; cybersecurity threats are dangerous to the industry, and we all need to understand the importance of having a cyberdefense plan with consideration to:

• Protection.
• Identifying threats.
• Detection.
• Recovery.
• Response.

Use current antivirus software to protect your system and network settings, and be sure to establish a system to update passwords. Getting it right takes a lot of work with the right professionals and a cultural commitment to security.

Best practices are available from the Cybersecurity & Infrastructure Security Agency at cisa.gov. Below are resource documents located there:

• “Shields Up” Guidance.
• Protecting Against Ransomware.
• Protecting Against Malicious Code.
• Cyber Essentials Starter Kit

---

Randy Warner is product safety manager for Cavagna North America. He can be reached at randywarner@us.cavagnagroup.com.

NOTE: The opinions and viewpoints expressed herein are solely the author’s and should in no way be interpreted as those of LP Gas magazine or any of its staff members.