A leading power plant operator, Rapac Energy, was looking to securely provide access to their OT and SCADA systems to external suppliers, global support teams and customers. The new solution had to provide multiple security features that comply with stringent requirements, both regulatory and directed by Rapac Energy’s CISO.
Rapac Energy’s network is isolated and disconnected from the public internet. Yet, employees need to connect with external global support teams and customers. Rapac partners with Siemens Energy service teams in Germany, Italy, and the Czech Republic. These teams provide online support to the power plants. In addition, Rapac’s customers need visibility into the plant’s data, for example to monitor their levels of electricity consumption.
This need became especially pressing during the Covid-19 pandemic. Support teams that previously flew in from Europe to visit the plants on-premises were grounded. Yet, Rapac Energy’s operation team still required a continuous line of commu- nication with them and the ability to work simultaneously The solutions they were using in the meantime, like video calls, were slow and unreliable. Actions and changes took days instead of seconds.
Therefore, Rapac’s network security access requirements were both external and internal: including features like two-factor authentication (2FA) before entering the network, and auditing and session recording inside the network.
Rapac Energy had used a virtual private network (VPN) in the past, but access was slow, usage was bulky, and employees were frustrated. Prior to discovering Cyolo, Rapac’s CISO believed he would have to build the solution he needed by stringing together multiple applications and systems. From his past experience, he knew this could create a lot of friction and was not guaranteed to work.
Finding a single solution to provide secure access to all environments, including OT and SCADA systems
Secure access for third parties and customers around the world
Recording and auditing of user sessions
One tool to remotely connect employees, third party suppliers and customers
One tool that provides a secure solution for both IT and OT
Simple usage and management
Rapac Energy chose Cyolo as a single complete, extensive and simple solution to solve its access and connectivity challenges. Cyolo ensures secure remote access from Rapac Energy’s isolated networks to external users, including global support teams and customers. Notably, Cyolo is also used internally to ensure zero-trust access between systems and applications for employees.
Rapac Energy’s system cannot be connected to the internet for security and compliance reasons. Regulations require 2FA authentication, recording abilities, and control over each connection. This is where Cyolo's true value is revealead. The external support teams and users connect to Rapac Energy’s external network through a VPN. From the external network they pass through Cyolo, where they are authenticated. Only devices and identities that have been authorized enter Rapac Energy’s network. No tunneling takes place and no other incoming traﬃc enters the isolated network.
The entire implementation process, including systems training and cyber supporters at Rapac Energy, took only one day. This was the shortest implementation Rapac Energy had ever experienced. User training for remote work took place via a clear and concise email.
- Shlomo Kamilyan, CISO and CIO, Rapac Energy
Hundreds of happy global users connecting securely
Hundreds of thousands of dollars saved
Improved security posture while ensuring an awesome user experience
Business continuity, including during the difficult Covid-19 period
Cyolo is deployed globally among a large number of users. These include third parties, customers and employees, who enjoy the security of zero trust access to Rapac Energy’s network, without affecting business continuity. Cyolo is used on a daily basis among users, who report high levels of satisfaction and ease of use.
New Applications: Administrators can build and operate new applications for systems in five minutes.
Requesting Access: Users can clearly view which applications they have access to. If they need access to another app, they can easily request access.
Providing Access: Admins can quickly and easily manage user access and policies to connect employees to applications. The process is quick and easy, and the employees are satisfied, ensuring business continuity.
Strong Authentication: Multi-factor authentication (MFA) was enabled to protect the network from unauthorized access. Zero trust is used to ensure the security of the internal systems and apps as well.
Monitoring: CISOs and security managers use Cyolo’s dashboard to get a clear view of metrics. They can monitor logins, user locations, app usage, access logs, and more.
Auditing and Recording: The recording of any user can be accessed and viewed at any time. For example, an administer in Israel can view the actions taken by a support member from Germany.
Easy Usage: Cyolo is accessible through a web application. This is simple and convenient. Employees are thrilled about being able to connect through a URL link without any change to their normal routines.
By implementing Cyolo, Rapac Energy’s CISO was able to save the company hundreds of thousands of dollars. Instead of buying multiple systems, Cyolo provides an all-in-one solution. The need for international flights has been cut significantly. Weeks and months of work have been reduced into minutes.
In addition, the ease of use ensures all Rapac Energy’s employees and partners use it, significantly improving the company’s security posture.
- Shlomo Kamilyan, CISO and CIO, Rapac Energy