NERC CIP Compliance

NERC CIP-007-1 minimum requirements:

  • R5.3.1. Each password shall be a minimum of six characters.
  • R5.3.2. Each password shall consist of a combination of alpha, numeric, and “special” characters.
  • R5.3.3. Each password shall be changed at least annually, or more frequently based on risk.

The North America Electric Reliability Corporation (NERC) is charged with ensuring that organizations delivering electricity in to the North American electrical grid are identifying and proecting critical cyber assets. The Federal Energy Regulatory Commission (FERC) is the organization charged with overseeing the transmission of electicity, natural gas, and oil, but it gives NERC the responsibility for maintaining Critcal Infrastruture Protection (CIP) standards in the electric Industry.

Many utility companies have adopted nFront Password Filter to help them meet CIP password requirements and ensure better data security by disallowing weak, easily hacked passwords. nFront Password Filter can enforce the use of special characters and force higher privileged accounts to change thier password more often.