Home > Lock Down: Mine site security

Lock Down: Mine site security

article image

The mining industry has a long history of innovation in technology. 

From exploration to production, sales and logistics, mining companies have harnessed technology to bring greater accuracy, and automate processes to introduce ever-greater efficiencies. 

More recently, the industry has begun to pioneer new approaches for the use of smart card technology to secure assets and operations.

In the past, mining organisations typically relied on multiple credentials and access control systems to fulfil different tasks, resulting in the proliferation of single-purpose systems running in parallel.

In addition to being resource-intensive, disparate access control and security systems do not scale and can be costly to integrate.

A consolidated strategy is therefore crucial. 

Today, the focus has moved to converged systems capable of securing a wide range of sensitive sites and assets, including heavy equipment and transportation. 

Meeting multiple challenges at scale
Aside from hazardous materials and harsh working environments, numerous factors expose miners to significant risk. Remote sites, limited local infrastructure and geopolitical instability make installations susceptible to malicious attack. 

Any security breach has the potential to endanger staff, damage the local environment and disrupt production. 

These factors are magnified by the scale of the operation involved. 

Companies must have the necessary infrastructure to quickly and positively identify each individual, issue each individual with the required credentials, and restrict movements on-site according to the access rights demanded by the individual role and corresponding credentials.

Besides taking into consideration all of the policies and processes of an organisation, there are two major aspects to consider when managing and controlling access to information and resources:

  • Physical access to sites - This is often delivered via hardware and software components including access control readers, which are autonomous devices performing the single purpose of interfacing with credentials.
  • Logical access to computer networks - Information technology access control procedures that restrict a user's ability to interface with computing and networked resources and data. 

These procedures include secure authentication, encryption, single sign-on, and remote VPN access.

Logical credentials are virtual or knowledge-based 'tokens', such as a password or PINs and for enhanced security, a physical credential might also be employed for another layer of authentication. 

Physical credentials include security tokens such as key chains and USB devices, but smart cards have become the mining industry's standard. 

A pipeline of practical solutions
Still, there is no 'one size fits all approach' to a comprehensive smart card, and identity and access management, strategy for the industry. 
Accordingly, there are a host of factors that introduce site specific vulnerabilities, such as the level and type of threats faced, and the physical environment.

For example, some facilities will be particularly challenged by environmental factors such as heat, dust, and risk of explosions and these conditions may require rugged wireless access control solutions.

In the office environment, the risk of a physical attack or accident may be lower, but the threat to information security is may be greater. 
In this case, a physical credential may be preferred to combine PC log-on security (logical access) and physical access onto a single portable smart card. 

This combined solution increases logical security while also resulting in cost savings since the same credential can be used for multiple applications across the site.

However, consolidated strategies entail more than simply the credential and the control reader. 

To ensure a balance between convenience and security, access rights should be centrally managed, and a holistic approach that integrates operational support systems, network infrastructure and facility management solutions should be taken.

Smart cards have become a solution of choice for mining applications because they guarantee higher levels of cryptography and security than those that are typically offered by legacy proximity card solutions. 

It enables the same credential to be used for many other applications, such as equipment vending machines that enable management to keep track of who has what safety equipment at a given site, or touch screen training systems that record essential health and safety data. 

Additionally, large mining companies should consider their requirements based on the national and/or worldwide footprint of their various facilities. 

For these organisations, an identification and access management system must be capable of being deployed across continents, integrated with a wide variety of host systems and adaptable to include additional country or site-specific security measures. 

The importance of securing mining assets is unlikely to diminish in the years ahead. 

Indeed, as some resources grow scarce, the need to secure information and limit physical access to assets will become even greater. 

The challenge is to achieve the required level of security without forgoing convenience and efficiency, and this is where the value of a converged smart card strategy will become increasingly apparent.

*Jordan Cullis is the director of sales for HID Global in Australia and New Zealand.

Newsletter sign-up

The latest products and news delivered to your inbox