Security and protection of the gas pipelines that provide the country with its natural gas needs are an important cause for concern. It is pivotal for gas companies to protect their pipeline from malicious acts that can include the theft of data or interruption of services. Federal Energy Regulatory Commission (FERC) requires pipelines to comply with the latest North American Energy Standards Board (NAESB) standards related to electronic commerce across the internet. Currently, there are discussions among the Wholesale Gas Quadrant (WGQ) Electronic Delivery Mechanism (EDM) participants relating to the use of two-step authentication. In this blog, we’ll discuss in more detail not only the standards set for pipelines across the industry, but how OATI can offer a better alternative to protect your environment from malicious attacks.

Industry Standards for Pipeline Security
Energy companies transmit sensitive data over the internet every day through various transactions, trades, and deals. To safeguard them from any sort of malicious activity, the North American Energy Standards Board (NAESB), Wholesale Gas Quadrant (WGQ), Retail Electric Quadrant (REQ), and Retail Gas Quadrant (RGQ) have developed a number of standards to ensure secure electronic commerce over the internet.

In its efforts to create a seamless marketplace for wholesale and retail natural gas and electricity, NAESB regularly develops and releases new WGQ standards that affect gas pipeline and storage facility transactions. Each new standard may be ultimately adopted by FERC with the issue of rules requiring compliance by regulated pipeline and storage facility operators.

Internet Electronic Transport (Internet ET) standards, developed by NAESB, enable rapid, reliable, and safe transportation of electronic information between NAESB trading partners. The summary of the ET life cycle in Version 3.1 of the WGQ Business Practice Standards states — an electronic package is created by the “sender” by encrypting the data payload and applying appropriate “to” and “from” information. The receiving party, or “receiver,” receives and decrypts the package, then forwards the payload data to back-office processes. The Internet ET standards focus on the transport of the electronic package and not the contents of the package, and the most critical NAESB WGQ standards are the ones that have the greatest impact on day-to-day pipeline operations.

Manage Daily Natural Gas Operations with OATI’s Solution
The OATI webPipeline™ solution is a fully-integrated, cloud-based system and the only NAESB compliant gas pipeline management system. This state-of-the-art gas management software ensures the management of daily natural gas operations within a single integrated system. In addition, OATI webPipeline™ offers multiple internal and external security roles, allowing the system administrator to control and customize user access.

All OATI applications, webPipeline™ included, are hosted at the OATI Cloud. The OATI Cloud enforces very strict physical and cybersecurity standards, like SOC I NERC CIP, NIST SP 800-53, and WEQ-012 CA/B Forum. Due to this, the hosting cloud environment and the use of digital certificates provide a level of security which is unique in the gas quadrant.

On top of all that, OATI addresses security with the use of digital certificates. OATI digital certificates, in general, are used for user authentication and data encryption. webCARES digital certificates are required for access to the OATI hosted solution, which is a critical part of providing security and access authentication for the protection of the pipeline industry. Unlike the electric quadrant, the gas quadrant does not require digital certificates for access to gas pipeline security solutions.

To learn more about our webPipeline™ solution and all its features and functionalities, connect with our experts at Sales@oati.net.