Entegrus, a Canadian energy company, leveraged their existing Pulse Secure virtual private network (VPN) implementation to expedite NAC deployment and fortify their infrastructure in accordance with National Institute of Standards and Technology (NIST) and North American Electric Reliability Corporation (NERC) guidelines. As a result, their security organisation extended visibility for remote and on-premise users and devices, as well as enhanced endpoint compliance and Internet of Things (IoT) risk mitigation.

Entegrus serves over 58,000 customers throughout Ontario. They bring electricity, renewable energy and water across three large regions, with a workforce spread out over 2,300 square miles. Entegrus’ objective is to provide safe, reliable and cost-effective provision of energy and related billing services, while providing high levels of service to its customers, partners and the communities it serves. IT security plays a critical role in protecting their delivery of energy and data services.

“The threat landscape is constantly evolving, forcing us to always consider how we can go one step further. With a widely distributed IT infrastructure, we considered NAC as an effective way to improve our security posture without dramatically altering how we operate,” said Dave Cullen, manager of information systems for Entegrus. “We have a long-standing relationship with Pulse Secure. The level of integration between Pulse Secure secure sockets layer (SSL) and NAC, as well as the extended feature set, made it a straightforward choice for us. Perhaps the two most important things are that we have increased our security posture, and for the most part, there has been zero impact on our end users.”

Ensuring always active control while maintaining flexible, seamless access to network and application resources is an essential requirement for utility providers. Within such highly regulated industries, best practices dictate a constant cycle of security readiness review and improvement to meet an increasingly potent threat posed by cyber threat actors. NAC provides foundational endpoint intelligence, resource access enforcement and IoT defences that support industry and regulatory compliance guidelines. These compliance requisites apply to both regional and large national critical infrastructure providers.