• Welcome, Utilities
• Specifying and Using MultiSpeak
• Security Guide
• User Guide
• Product Testing
  • Tested Products: Version 1
  • Tested Products: Version 2
  • Tested Products: Version 3
• Demos
• Integrator List - Getting Help

Security Guide

Many trends in the electric utility industry have increased the importance of adequate cyber security. 

It is important to realize that services that are implemented to enhance the security of MultiSpeak messages do not constitute a comprehensive approach to cyber-security. Complete security will require the implementation a comprehensive security policy.  Utility staff members concerned with implementing MultiSpeak data exchanges or the utility’s security policy should carefully consider the potential security risks of MultiSpeak messaging and adopt appropriate countermeasures. 

NERC CIP requirements often apply to the utilities that might apply MultiSpeak, but even if this is not the case, data security is becoming a necessary business practice in today’s world.  MultiSpeak makes some provisions for data security using secure sockets layer (SSL) encryption and authentication, but complex application interactions may require more than just SSL for complete security. An enterprise service bus (a form in which MultiSpeak can be applied) can consistently provide additional security for all data communications, enterprise-wide.

The important point is that the user needs to implement MultiSpeak in the context of a comprehensive IT security plan.

A MultiSpeak Secure Implementation (PDF) document has been produced. It discusses some of the IT security issues that are specifically related to data exchange and interoperability of application software. This document also outlines for the utility staff members how data exchanged using MultiSpeak messages may be secured.

 

MultiSpeak is an initiative of the National Rural Electric Cooperative Association | 4301 Wilson Boulevard, Arlington, VA 22203 | Privacy Policy