Post: 7 ways to ensure your demand side response aggregator really is a “safe pair of hands”

7 ways to ensure your demand side response aggregator really is a “safe pair of hands”

YOU MAY HAVE HEARD DEMAND SIDE RESPONSE AGGREGATORS TALK ABOUT BEING “SAFE”, BUT WHAT DOES THIS ACTUALLY MEAN? WE’VE COMPILED A LIST OF ALL THE WAYS A DEMAND SIDE RESPONSE AGGREGATOR SHOULD OPERATE, AND EXPLAIN HOW YOU CAN BE SURE YOUR DATA, ASSETS AND OPERATIONS REALLY ARE TAKEN CARE OF…

1. Make sure your demand side response aggregator can demonstrate how they protect your data and prevent cyber attacks. By ensuring an IT Governance certification has been passed, you can be sure that security controls have been sufficiently put in place and tested by an external authority. An example of such a certification is Cyber Essentials, which the government have found can prevent around 80% of cyber attacks.

2. Understand where your data is held, and if these data centres have secure firewalls and certifications too. For example, all of the Endeco Technologies production servers are hosted in a data centre with Palo Alto and Juniper firewalls, and have met the requirements for ISO 27001 and ISO 9001 certifications.

3. Which begs the question… who controls and manages the servers? If it’s not the aggregator, then neither they, or you, are really in control of what happens to your data.

4. How is your onsite controller accessed? And how is that access is regulated and secured? Endeco’s engineers and IT department have put stringent measures in place to ensure that the customer site is only accessible via Endeco’s dedicated secure VPN.

5. Do you know which installed devices are outward facing? The more internet facing devices, the more risk there is. When partnering with Endeco, you can be sure that the only device on a customer site that is internet facing is the Endeco controller. All additional components communicate locally with the controller, and do not connect outside of this network.

6. Ensure your technical team, IT department or consultant are on board and involved. An aggregator should always look to involve those concerned with data security internally to provide assurance on both parts.

7. Establish the remote communication method that works best for your business. You should be offered a few secure options to ensure that there is no interference with your asset performance. For example, a secure broadband connection with suitable firewall restrictions, an IPsec VPN tunnel, or secure remote 3G connection (where a suitable network is available).

For more information on data, asset and operational security, and to understand how your business can ensure protected and profitable participation in demand side response, please request a call back from one of our friendly DSR experts…

Ready to transform your energy into opportunity?

Discover if you can generate new revenues, enhance energy savings and boost sustainability with AI-powered Energy Services.

Book a 20 minute meeting/ demo to determine whether your company is eligible. During the chat, our energy experts will be able to explain the process and answer any questions.