NERC CIP Critical Infrastructure Protection Without the Complexity
Protect critical infrastructure without slowing down your operations. Your team will never even know they've lost admin privileges.
How Admin By Request Helps You Uphold CIP Standards Across All Security Domains
Asset Management & Categorization
- Enhanced Visibility into BES Cyber Assets through privileged access monitoring and session logging (CIP-002)
- Detailed documentation of administrative access to critical infrastructure components supporting asset categorization (CIP-002)
- Comprehensive tracking of changes made to categorized BES Cyber Systems during maintenance activities (CIP-002)
Access Control & Authenticaiton
- Multi-factor authentication and role-based access controls for BES Cyber Assets (CIP-004), CIP-007)
- Just-in-time privilege elevation with comprehensive personnel access management (CIP-004)
- Secure Perimeters (CIP-005, CIP-007)
Physical & Electronic Security
- Break Glass emergency accounts supporting physical security requirements and emergency access (CIP-006)
- Electronic Security Perimeter monitoring and access control for critical infrastructure protection (CIP-005)
- Comprehensive logging and monitoring of all access attempts to protected cyber assets (CIP-005), CIP-006)
Operational Security & Monitoring
- Real-time security event monitoring and malware protection for BES Cyber Sytems (CIP-007, CIP-008)
- Automated configuration change management and system security controls (CIP-007, CIP-010)
- Information protection and secure handling of BES Cyber System information (CIP-011)
Incident Response & Recovery
- Automated incident detection and reporting capabilities supporting regulatory requirements (CIP-008)
- Emergency response procedures and recovery plan execution with audit trails (CIP-009)
- Supply chain risk management through controlled vendor and contractor access (CIP-013)
Reporting Capabilities
The audit and reporting tools allow you to extract anything in real-time, such as a graphical representation of the requests and elevations happening – as they happen. Admin By Request’s management tools put you in the front seat of the whole operation.
Device Location
See where all of your devices are on a scalable Google Map. Click for detailed info on each device.
Inventory
Get extensive details on hardware, software, local admins, events, and more for each endpoint.
Activity
Tracked activity includes API, Login, and SCIM activity, mobile app usage, and a settings changelog.
New Devices
At a glance, see which devices have recently installed Admin By Request software.
Local admins
Track and manage your local administrators from a central, birds-eye-view point.
Elevated apps
Use the Auditlog to see which apps have been elevated, by who, and when.
Get Your Detailed Compliance Report
Tell us a bit about your company and we’ll send you a detailed compliance report with information, timeline, checklists, and helpful advice to get you audit-ready.
Trusted by thousands, managing millions
Happy Customers
Malware Preventions
Managed Endpoints
Countries
Compliance Pack
We’ve made it easy to get your hands on all the necessary documentation needed for our compliance checks at your organization. Our Compliance Pack contains all the docs that you’ve got access to on this page – download it below.
Because you're not logged in, you'll only get the Public documents when you download the Compliance Pack. Log in to access all compliance documentation.
What is Compliance by Design?
Rather than retrofitting security solutions to meet audit requirements, forward-thinking organizations are building their IT infrastructure with compliance as the foundation. This proactive approach eliminates the costly scramble of implementing disconnected point solutions when audit deadlines loom, instead creating integrated systems where security controls naturally align with regulatory frameworks from day one. By Designing infrastructure around compliance requirements companies achieve stronger security posture and audit readiness as inherent qualities of their systems, not afterthoughts.
How Can Privileged Access Management Help You with NERC CIP Compliance?
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards are mandatory cybersecurity requirements design to protect the critical infrastructure of North America’s Bulk Electric System (BES). NERC CIP establishes comprehensive security controls for electric utilities, grid operators, and energy generators to safeguards against cyber threats that could disrupt power generation, transmission, and distribution. The framework includes requirements for asset identification and categorization, electronic security perimeters, physical security, personnel training, system security management, incident response, recovery planning, and configuration change management, with substantial penalties for non-compliance.
Easy Integration
Admin By Request integrates with Windows, macOS, and hybrid cloud environments without requiring major infrastructure changes. This enables electric utilities and BES operators to enhance their cybersecurity controls and access management processes without disrupting critical power system operations or existing SCADA and control system infrastructure.
Enhanced BES Cyber System Protection
Control privileged access through just-in-time elevation, approval workflows, and session time limits. Admin By Request enforces least privilege access to BES Cyber Asset and Critical Cyber Assets, monitors all privileged activity with comprehensive audit trails, and helps protect control systems from unauthorized access or modification that could impact grid reliability or cause service disruptions.
Simple Implementation
Deploy and manage granular access policies at scale using built-in automations. Admin By Request simplifies implementation of NERC CIP access control requirements across generation facilities, transmission substations, and control centers, reducing manual overhead while maintaining consistent policy enforcement for all systems categorized as high, medium, or low impact BES Systems.
Electronic Security Perimeter Support
Generate comprehensive logs, reports, and dashboards that directly support NERC CIP electronic access monitoring and security event detection requirements. Admin By Request provides verifiable evidence of all access attempts, successful authentications, and privileges activities within Electronic Security Perimeters, creating the detailed audit trails required for compliance documentation and regulatory audits.
Personnel and Training Compliance
Eliminate the use of shared administrator accounts and unsecured credentials that violate NERC CIP personnel access requirements. Admin By Request issues secure, time-limited privilege elevation with full authentication and logging, ensuring individual accountability for all access to BES Cyber Systems while supporting background check verification and access authorization requirements.
Incident Response and Recovery
By removing standing privileges and securing access pathways to critical power system infrastructure, Admin By Request supports key NERC CIP objectives including system security management, configuration change control, and incident response planning. This reduces the likelihood of cybersecurity incidents that could result in substantial FERC penalties, service disruptions, or impact to bulk electric system reliability, while providing the rapid emergency access capabilities needed during grid restoration and recovery options.
