At a Glance
3 min read

How Cyolo Helps You Achieve Compliance: TSA SD2021-02C

Overview of TSA SD2021-02C

Transportation Security Administration (TSA) Directive SD2021-02C came into effect on July 27, 2022. This regulation applies to owners/operators of hazardous liquid and natural gas pipelines or liquefied natural gas facilities deemed critical by the U.S. Transportation Security Administration.

The directive requires adherence to security controls that include: multi-factor authentication (MFA), network segmentation, monitoring, and filtering traffic between networks among other requirements to prevent disruption and degradation to their infrastructure.

Overview of Cyolo PRO

Cyolo PRO (Privileged Remote Operations) is an advanced, infrastructure-agnostic secure remote access solution built to mitigate the risks of remote access to mission-critical assets. Cyolo PRO’s decentralized architecture provides exceptional flexibility and can seamlessly adapt to all environments (cloud-connected, cloud-averse, and offline) without change management.

Common challenges Cyolo PRO solves include:

  • Ensuring rapid, secure, and safe support and maintenance for OT environments

  • Safely connecting third-party vendors and contractors to OT environments with no agents or end-user downloads required

  • Adding multi-factor authentication (MFA) to legacy systems that do not natively support modern identity authentication

  • Securing all access points to mission-critical assets, whether remote or on-premise

  • Implementing segmentation, supervision, session recording, and other requirements of industry and regional compliance mandates

Cyolo PRO/TSA SD2021-02C Alignment



Cyolo PRO Capabilities

Control Type


Multi-factor Authentication (MFA)

Provides MFA to all user accounts (service, shared, individual, etc.) in isolated, hybrid or cloud environments.



Least privilege access rights and separation of duties

Provides user access rights based on individual, group, role or location.



Shared accounts limited through least privilege and separation of duties

Provides shared account access rights based on individual, group, role or location.



Access to shared account credentials restricted

Denies direct access to shared account credentials.



Incident isolation controls

Enables operational staff (manually or via a SOAR or other automation tool) to restrict access to users or resources provisioned within the platform.



Patching deficiency mitigation

Enables operational staff to apply controls and restrictions to resources in order to mitigate risks and maintain operational availability.



Compliance attestation - Log files

Retains log files of platform usage and is configured to feed into other log aggregation platforms.



Compliance attestation - Other

Provides session recording capabilities that enable the organization to have fully auditable user session information.


Control Type Description

Provides: Provides information to give directly to auditor or feeds data into an artifact

Validates: Can be used to prove whether another control(s) is present and/or working

Supports: Feeds information into another system or processes which serve the requirements


Cyolo PRO not only helps organizations comply with requirements of the TSA SD2021-02C directive but also empowers them to overcome additional challenges associated with oil and gas environments. These challenges include the deploying of technology in areas where computational infrastructure does not exist (oil fields, remote valves/controls, hard to reach pipeline controls, etc.), in harsh environments, and in locations where bandwidth is limited or non-existent. This is possible because Cyolo PRO is purpose-built to deploy on a platform that is small form factor (ruggedized Raspberry Pi-size devices) and uses low bandwidth (4G/5G, Fractional T, etc.).

In addition, Cyolo PRO reduces hard costs by minimizing truck rolls and other travel to remote locations to perform monitoring, patching, and maintenance. The solution also enables organizations’ existing staff to be more productive, to improve security, and to enhance safety without requiring additional staff or resources.

Schedule a demo and begin your path to TSA SD2021-02C compliance today.

Subscribe to Our Newsletter